Content differences:
--- /etc/envoy/listeners.d/00-tls_terminator_443.yaml.orig
+++ /etc/envoy/listeners.d/00-tls_terminator_443.yaml
@@ -41,26 +41,26 @@
retry_policy:
num_retries: 1
retry_on: "5xx"
- typed_per_filter_config:
- envoy.filters.http.ratelimit.resp:
- "@type": type.googleapis.com/envoy.extensions.filters.http.ratelimit.v3.RateLimitPerRoute
- rate_limits:
- - hits_addend:
- format: "%BYTES_SENT%"
- apply_on_stream_done: true
- # NOTE: If one of the headers referenced below is not set, the rate limit is not applied.
- actions:
- # Provide the user's identity (x-client-ip is set at the edge) as the counter key
- - request_headers:
- descriptor_key: user_id
- header_name: x-client-ip
- # Hardcode the policy and user class for now
- - generic_key:
- descriptor_key: policy
- descriptor_value: thumbnails
- - generic_key:
- descriptor_key: user_class
- descriptor_value: anon
+ typed_per_filter_config:
+ envoy.filters.http.ratelimit.resp:
+ "@type": type.googleapis.com/envoy.extensions.filters.http.ratelimit.v3.RateLimitPerRoute
+ rate_limits:
+ - hits_addend:
+ format: "%BYTES_SENT%"
+ apply_on_stream_done: true
+ # NOTE: If one of the headers referenced below is not set, the rate limit is not applied.
+ actions:
+ # Provide the user's identity (x-client-ip is set at the edge) as the counter key
+ - request_headers:
+ descriptor_key: user_id
+ header_name: x-client-ip
+ # Hardcode the policy and user class for now
+ - generic_key:
+ descriptor_key: policy
+ descriptor_value: thumbnails
+ - generic_key:
+ descriptor_key: user_class
+ descriptor_value: anon
http_filters:
- name: envoy.filters.http.ratelimit.resp
typed_config:
@@ -68,7 +68,7 @@
domain: upload
request_type: both
stage: 0
- failure_type_deny: false # return 200 if rate limit service is unavailable
+ failure_mode_deny: false # return 200 if rate limit service is unavailable
enable_x_ratelimit_headers: DRAFT_VERSION_03
rate_limit_service:
transport_api_version: V3