1apiVersion: config.istio.io/v1alpha2
2kind: handler
3metadata:
4  name: redishandler
5  namespace: istio-system
6spec:
7  compiledAdapter: redisquota
8  params:
9    redisServerUrl: redis-release-master:6379
10    connectionPoolSize: 10
11    quotas:
12    - name: requestcountquota.instance.istio-system
13      maxAmount: 500
14      validDuration: 1s
15      bucketDuration: 500ms
16      rateLimitAlgorithm: ROLLING_WINDOW
17      # The first matching override is applied.
18      # A requestcount instance is checked against override dimensions.
19      overrides:
20      # The following override applies to 'reviews' regardless
21      # of the source.
22      - dimensions:
23          destination: reviews
24        maxAmount: 1
25      # The following override applies to 'productpage' when
26      # the source is a specific ip address.
27      - dimensions:
28          destination: productpage
29          source: "10.28.11.20"
30        maxAmount: 500
31      # The following override applies to 'productpage' regardless
32      # of the source.
33      - dimensions:
34          destination: productpage
35        maxAmount: 2
36---
37apiVersion: config.istio.io/v1alpha2
38kind: instance
39metadata:
40  name: requestcountquota
41  namespace: istio-system
42spec:
43  compiledTemplate: quota
44  params:
45    dimensions:
46      source: request.headers["x-forwarded-for"] | "unknown"
47      destination: destination.labels["app"] | destination.workload.name | "unknown"
48      destinationVersion: destination.labels["version"] | "unknown"
49---
50apiVersion: config.istio.io/v1alpha2
51kind: QuotaSpec
52metadata:
53  name: request-count
54  namespace: istio-system
55spec:
56  rules:
57  - quotas:
58    - charge: 1
59      quota: requestcountquota
60---
61apiVersion: config.istio.io/v1alpha2
62kind: QuotaSpecBinding
63metadata:
64  name: request-count
65  namespace: istio-system
66spec:
67  quotaSpecs:
68  - name: request-count
69    namespace: istio-system
70  services:
71  - name: productpage
72    namespace: default
73    #  - service: '*'  # Uncomment this to bind *all* services to request-count
74---
75apiVersion: config.istio.io/v1alpha2
76kind: rule
77metadata:
78  name: quota
79  namespace: istio-system
80spec:
81  # quota only applies if you are not logged in.
82  # match: match(request.headers["cookie"], "session=*") == false
83  actions:
84  - handler: redishandler
85    instances:
86    - requestcountquota
87---
88