Generating Kuadrant RateLimitPolicies
Generate Kuadrant RateLimitPolicy object from OpenAPI 3¶
The kuadrantctl generate kuadrant ratelimitpolicy command generates a Kuadrant RateLimitPolicy
from your OpenAPI Specification (OAS) 3.x document powered with Kuadrant extensions.
OpenAPI specification¶
An OpenAPI document resource can be provided to the Kuadrant CLI in one of the following ways:
- Filename in the available path.
- URL format (supported schemes are HTTP and HTTPS). The CLI will try to download from the given address.
- Read from stdinstandard input stream.
Usage¶
Generate Kuadrant RateLimitPolicy from OpenAPI 3.0.x
Usage:
  kuadrantctl generate kuadrant ratelimitpolicy [flags]
Flags:
  -h, --help         help for ratelimitpolicy
  --oas string        Path to OpenAPI spec file (in JSON or YAML format), URL, or '-' to read from standard input (required)
  -o Output format:   'yaml' or 'json'. (default "yaml")
Global Flags:
  -v, --verbose   verbose output
Note: The
kuadrantctl/examplesdirectory in GitHub includes sample OAS 3 files that you can use to generate the resources.
Procedure¶
- 
Clone the Git repository as follows: git clone https://github.com/Kuadrant/kuadrantctl.git cd kuadrantctl ``` 2. Set up a cluster, Istio and Gateway API CRDs, and Kuadrant as follows: * Use the single-cluster quick start script to install Kuadrant in a local `kind` cluster: https://docs.kuadrant.io/latest/getting-started-single-cluster/. 3. Build and install the CLI in `bin/kuadrantctl` path as follows: ```bash make install
- 
Deploy the Petstore backend API as follows: 
- 
Create the Petstore OpenAPI definition as follows: 
cat <<EOF >petstore-openapi.yaml
---
openapi: "3.0.3"
info:
  title: "Pet Store API"
  version: "1.0.0"
x-kuadrant:  ## Root-level Kuadrant extension
  route:
    name: "petstore"
    namespace: "petstore"
    hostnames:
      - example.com
    parentRefs:
      - name: istio-ingressgateway
        namespace: istio-system
servers:
  - url: https://example.io/v1
paths:
  /cat:
    x-kuadrant:  ## Path-level Kuadrant extension
      backendRefs:
        - name: petstore
          port: 80
          namespace: petstore
      rate_limit:
        rates:
          - limit: 1
            duration: 10
            unit: second
        counters:
          - request.headers.x-forwarded-for
    get:  # Added to the route and rate limited
      operationId: "getCat"
      responses:
        405:
          description: "invalid input"
    post:  # NOT added to the route
      x-kuadrant: 
        disable: true
      operationId: "postCat"
      responses:
        405:
          description: "invalid input"
  /dog:
    get:  # Added to the route and rate limited
      x-kuadrant:  ## Operation-level Kuadrant extension
        backendRefs:
          - name: petstore
            port: 80
            namespace: petstore
        rate_limit:
          rates:
            - limit: 3
              duration: 10
              unit: second
          counters:
            - request.headers.x-forwarded-for
      operationId: "getDog"
      responses:
        405:
          description: "invalid input"
    post:  # Added to the route and NOT rate limited
      x-kuadrant:  ## Operation-level Kuadrant extension
        backendRefs:
          - name: petstore
            port: 80
            namespace: petstore
      operationId: "postDog"
      responses:
        405:
          description: "invalid input"
EOF
Note: The
serversbase path is not included. This is work-in-progress in follow-up PRs.
| Operation | Applied configuration | 
|---|---|
| GET /cat | Should return 200 OK and be rate limited (1 req / 10 seconds). | 
| POST /cat | Not added to the HTTPRoute. Should return 404 Not Found. | 
| GET /dog | Should return 200 OK and be rate limited (3 req / 10 seconds). | 
| POST /dog | Should return 200 OK and NOT rate limited. | 
- 
Create the HTTPRoute by using the CLI as follows: 
- 
Create the rate limit policy as follows: 
- 
Test the OpenAPI endpoints as follows: 
- 
GET /cat- Should return 200 OK and be rate limited (1 req / 10 seconds).
- POST /cat- Not added to the HTTPRoute. Should return 404 Not Found.
- GET /dog- Should return 200 OK and be rate limited (3 req / 10 seconds).
- POST /dog- Should return 200 OK and NOT rate limited.