apis: add local rate limiting to UpstreamTrafficSetting (#4796)

Adds the local rate limiting API to the UpstreamTrafficSetting
spec.

Part of #2018

Signed-off-by: Shashank Ram <[email protected]>

Author: shashankram

pkg/apis/policy/v1alpha1/upstreamtrafficsetting.go

@@ -38,6 +38,20 @@ type UpstreamTrafficSettingSpec struct {
 	// directed to the upstream host.
 	// +optional
 	ConnectionSettings *ConnectionSettingsSpec `json:"connectionSettings,omitempty"`
+
+	// RateLimit specifies the rate limit settings for the traffic
+	// directed to the upstream host.
+	// If HTTP rate limiting is specified, the rate limiting is applied
+	// at the VirtualHost level applicable to all routes within the
+	// VirtualHost.
+	// +optional
+	RateLimit *RateLimitSpec `json:"rateLimit,omitempty"`
+
+	// HTTPRoutes defines the list of HTTP routes settings
+	// for the upstream host. Settings are applied at a per
+	// route level.
+	// +optional
+	HTTPRoutes []HTTPRouteSpec `json:"httpRoutes,omitempty"`
 }
 
 // ConnectionSettingsSpec defines the connection settings for an
@@ -99,6 +113,111 @@ type HTTPConnectionSettings struct {
 	MaxRetries *uint32 `json:"maxRetries,omitempty"`
 }
 
+// RateLimitSpec defines the rate limiting specification for
+// the upstream host.
+type RateLimitSpec struct {
+	// Local specified the local rate limiting specification
+	// for the upstream host.
+	// Local rate limiting is enforced directly by the upstream
+	// host without any involvement of a global rate limiting service.
+	// This is applied as a token bucket rate limiter.
+	// +optional
+	Local *LocalRateLimitSpec `json:"local,omitempty"`
+}
+
+// LocalRateLimitSpec defines the local rate limiting specification
+// for the upstream host.
+type LocalRateLimitSpec struct {
+	// TCP defines the local rate limiting specification at the network
+	// level. This is a token bucket rate limiter where each connection
+	// consumes a single token. If the token is available, the connection
+	// will be allowed. If no tokens are available, the connection will be
+	// immediately closed.
+	// +optional
+	TCP *TCPLocalRateLimitSpec `json:"tcp,omitempty"`
+
+	// HTTP defines the local rate limiting specification for HTTP traffic.
+	// This is a token bucket rate limiter where each request consumes
+	// a single token. If the token is available, the request will be
+	// allowed. If no tokens are available, the request will receive the
+	// configured rate limit status.
+	HTTP *HTTPLocalRateLimitSpec `json:"http,omitempty"`
+}
+
+// TCPLocalRateLimitSpec defines the local rate limiting specification
+// for the upstream host at the TCP level.
+type TCPLocalRateLimitSpec struct {
+	// Connections defines the number of connections allowed
+	// per unit of time before rate limiting occurs.
+	Connections uint32 `json:"connections"`
+
+	// Unit defines the period of time within which connections
+	// over the limit will be rate limited.
+	// Valid values are "second", "minute" and "hour".
+	Unit string `json:"unit"`
+
+	// Burst defines the number of connections above the baseline
+	// rate that are allowed in a short period of time.
+	// +optional
+	Burst uint32 `json:"burst,omitempty"`
+}
+
+// HTTPLocalRateLimitSpec defines the local rate limiting specification
+// for the upstream host at the HTTP level.
+type HTTPLocalRateLimitSpec struct {
+	// Requests defines the number of requests allowed
+	// per unit of time before rate limiting occurs.
+	Requests uint32 `json:"requests"`
+
+	// Unit defines the period of time within which requests
+	// over the limit will be rate limited.
+	// Valid values are "second", "minute" and "hour".
+	Unit string `json:"unit"`
+
+	// Burst defines the number of requests above the baseline
+	// rate that are allowed in a short period of time.
+	// +optional
+	Burst uint32 `json:"burst,omitempty"`
+
+	// ResponseStatusCode defines the HTTP status code to use for responses
+	// to rate limited requests. Code must be in the 400-599 (inclusive)
+	// error range. If not specified, a default of 429 (Too Many Requests) is used.
+	// +optional
+	ResponseStatusCode uint32 `json:"responseStatusCode,omitempty"`
+
+	// ResponseHeadersToAdd defines the list of HTTP headers that should be
+	// added to each response for requests that have been rate limited.
+	// +optional
+	ResponseHeadersToAdd []HTTPHeaderValue `json:"responseHeadersToAdd,omitempty"`
+}
+
+// HTTPHeaderValue defines an HTTP header name/value pair
+type HTTPHeaderValue struct {
+	// Name defines the name of the HTTP header.
+	Name string `json:"name"`
+
+	// Value defines the value of the header corresponding to the name key.
+	Value string `json:"value"`
+}
+
+// HTTPRouteSpec defines the settings correspondng to an HTTP route
+type HTTPRouteSpec struct {
+	// Path defines the HTTP path.
+	Path string `json:"path"`
+
+	// RateLimit defines the HTTP rate limiting specification for
+	// the specified HTTP route.
+	RateLimit *HTTPPerRouteRateLimitSpec `json:"rateLimit,omitempty"`
+}
+
+// HTTPPerRouteRateLimitSpec defines the rate limiting specification
+// per HTTP route.
+type HTTPPerRouteRateLimitSpec struct {
+	// Local defines the local rate limiting specification
+	// applied per HTTP route.
+	Local *HTTPLocalRateLimitSpec `json:"local,omitempty"`
+}
+
 // UpstreamTrafficSettingStatus defines the status of an UpstreamTrafficSetting resource.
 type UpstreamTrafficSettingStatus struct {
 	// CurrentStatus defines the current status of an UpstreamTrafficSetting resource.