From b230d1575ecf3c15ff192ea69f1367bdc509a810 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Murat=20=C3=96ZDEM=C4=B0R?= Date: Mon, 18 May 2026 10:34:08 +0300 Subject: [PATCH] docs(roadmap): include complete rate and connection limit constants - Expanded the header constants example to cover Global, Auth, and WebSocket limits. - Provided detailed snippets for using constants in WS_PLUGINS and AUTH_LIMIT blocks. - Reinforced maintainability standards for the APISIX initialization script. --- roadmap/prod-env/03-infra-stack-changes.md | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/roadmap/prod-env/03-infra-stack-changes.md b/roadmap/prod-env/03-infra-stack-changes.md index d3b442a..ae48477 100644 --- a/roadmap/prod-env/03-infra-stack-changes.md +++ b/roadmap/prod-env/03-infra-stack-changes.md @@ -111,14 +111,31 @@ Keep the following APISIX plugin limits in `init/apisix-core/init.sh` for `test/ | Auth routes `/v1/auth/*`, `/v1/users/*` | `limit-count` | `count: 12`, `time_window: 60` per `remote_addr` | | Global rule | `limit-count` | `count: 60`, `time_window: 60` per `remote_addr` | -Update the global rate limit block in `init/apisix-core/init.sh`. Define threshold constants at the script header to ensure consistency and ease of updates: +Update the rate limit and connection limit blocks in `init/apisix-core/init.sh`. Define all threshold constants at the script header to ensure consistency and ease of updates: ```bash # Define at the top of init.sh GLOBAL_LIMIT_COUNT=60 GLOBAL_LIMIT_WINDOW=60 +AUTH_LIMIT_COUNT=12 +AUTH_LIMIT_WINDOW=60 +WS_LIMIT_CONN=5 -# ... later in the script ... +# ... later in the script (WebSocket route) ... +if [[ "$PROFILE" != "dev" ]]; then + WS_PLUGINS=',"plugins":{"limit-conn":{"conn":'"$WS_LIMIT_CONN"',"burst":2,"default_conn_delay":0.1,"key":"remote_addr","key_type":"var","rejected_code":429}}' +else + WS_PLUGINS="" +fi + +# ... later in the script (Auth routes) ... +if [[ "$PROFILE" != "dev" ]]; then + AUTH_LIMIT=',"plugins":{"limit-count":{"count":'"$AUTH_LIMIT_COUNT"',"time_window":'"$AUTH_LIMIT_WINDOW"',"key_type":"var","key":"remote_addr","rejected_code":429,"policy":"local"}}' +else + AUTH_LIMIT="" +fi + +# ... later in the script (Global rate limit) ... if [[ "$PROFILE" != "dev" ]]; then if [[ "$PROFILE" == "prod" ]]; then RATE_POLICY="redis"