Build: Implement rate limiting and circuit breaker for API and RPC services. (#3572)

* feat: implement ratelimit and circuitbreaker in middleware. * Build: Implement rate limiting and circuit breaker for API and RPC services. * revert change. * update ratelimiter and circuitbreaker config. * update tools to openimsdk tools
2026-04-28 14:29:19 +08:00 · 2025-11-05 15:12:06 +08:00
parent 3a1c8df3b9
commit 07badb162f
31 changed files with 574 additions and 24 deletions
@@ -17,3 +17,13 @@ prometheus:
  ports:
  # This address can be accessed via a browser
  grafanaURL:
+
+ratelimiter:
+  # Whether to enable rate limiting
+  enable: false
+  # WindowSize defines time duration per window
+  window: 20s
+  # BucketNum defines bucket number for each window
+  bucket: 500
+  # CPU threshold; valid range 0–1000 (1000 = 100%)
+  cpuThreshold: 850
@@ -26,3 +26,20 @@ longConnSvr:
  websocketMaxMsgLen: 4096
  # WebSocket connection handshake timeout in seconds
  websocketTimeout: 10
+
+ratelimiter:
+  # Whether to enable rate limiting
+  enable: false
+  # WindowSize defines time duration per window
+  window: 20s
+  # BucketNum defines bucket number for each window
+  bucket: 500
+  # CPU threshold; valid range 0–1000 (1000 = 100%)
+  cpuThreshold: 850
+
+circuitBreaker:
+  enable: false
+  window: 5s            # Time window size (seconds)
+  bucket: 100            # Number of buckets
+  success: 0.6          # Success rate threshold (0.6 means 60%)
+  request: 500 # Request threshold; circuit breaker evaluation occurs when reached
@@ -6,3 +6,20 @@ prometheus:
  # List of ports that Prometheus listens on; each port corresponds to an instance of monitoring. Ensure these are managed accordingly
  # It will only take effect when autoSetPorts is set to false.
  ports:
+
+ratelimiter:
+  # Whether to enable rate limiting
+  enable: false
+  # WindowSize defines time duration per window
+  window: 20s
+  # BucketNum defines bucket number for each window
+  bucket: 500
+  # CPU threshold; valid range 0–1000 (1000 = 100%)
+  cpuThreshold: 850
+
+circuitBreaker:
+  enable: false
+  window: 5s            # Time window size (seconds)
+  bucket: 100            # Number of buckets
+  success: 0.6          # Success rate threshold (0.6 means 60%)
+  request: 500 # Request threshold; circuit breaker evaluation occurs when reached
@@ -10,10 +10,26 @@ rpc:
  # It will only take effect when autoSetPorts is set to false.
  ports:

+ratelimiter:
+  # Whether to enable rate limiting
+  enable: false
+  # WindowSize defines time duration per window
+  window: 20s
+  # BucketNum defines bucket number for each window
+  bucket: 500
+  # CPU threshold; valid range 0–1000 (1000 = 100%)
+  cpuThreshold: 850
+
+circuitBreaker:
+  enable: false
+  window: 5s            # Time window size (seconds)
+  bucket: 100            # Number of buckets
+  success: 0.6          # Success rate threshold (0.6 means 60%)
+  request: 500 # Request threshold; circuit breaker evaluation occurs when reached

 prometheus:
  # Enable or disable Prometheus monitoring
-  enable: true
+  enable: false
  # List of ports that Prometheus listens on; these must match the number of rpc.ports to ensure correct monitoring setup
  # It will only take effect when autoSetPorts is set to false.
  ports:
@@ -20,3 +20,20 @@ prometheus:
 tokenPolicy:
  # Token validity period, in days
  expire: 90
+
+ratelimiter:
+  # Whether to enable rate limiting
+  enable: false
+  # WindowSize defines time duration per window
+  window: 20s
+  # BucketNum defines bucket number for each window
+  bucket: 500
+  # CPU threshold; valid range 0–1000 (1000 = 100%)
+  cpuThreshold: 850
+
+circuitBreaker:
+  enable: false
+  window: 5s            # Time window size (seconds)
+  bucket: 100            # Number of buckets
+  success: 0.6          # Success rate threshold (0.6 means 60%)
+  request: 500 # Request threshold; circuit breaker evaluation occurs when reached
@@ -16,3 +16,20 @@ prometheus:
  # List of ports that Prometheus listens on; these must match the number of rpc.ports to ensure correct monitoring setup
  # It will only take effect when autoSetPorts is set to false.
  ports:
+
+ratelimiter:
+  # Whether to enable rate limiting
+  enable: false
+  # WindowSize defines time duration per window
+  window: 20s
+  # BucketNum defines bucket number for each window
+  bucket: 500
+  # CPU threshold; valid range 0–1000 (1000 = 100%)
+  cpuThreshold: 850
+
+circuitBreaker:
+  enable: false
+  window: 5s            # Time window size (seconds)
+  bucket: 100            # Number of buckets
+  success: 0.6          # Success rate threshold (0.6 means 60%)
+  request: 500 # Request threshold; circuit breaker evaluation occurs when reached
@@ -16,3 +16,20 @@ prometheus:
  # List of ports that Prometheus listens on; these must match the number of rpc.ports to ensure correct monitoring setup
  # It will only take effect when autoSetPorts is set to false.
  ports:
+
+ratelimiter:
+  # Whether to enable rate limiting
+  enable: false
+  # WindowSize defines time duration per window
+  window: 20s
+  # BucketNum defines bucket number for each window
+  bucket: 500
+  # CPU threshold; valid range 0–1000 (1000 = 100%)
+  cpuThreshold: 850
+
+circuitBreaker:
+  enable: false
+  window: 5s            # Time window size (seconds)
+  bucket: 100            # Number of buckets
+  success: 0.6          # Success rate threshold (0.6 means 60%)
+  request: 500 # Request threshold; circuit breaker evaluation occurs when reached
@@ -19,3 +19,20 @@ prometheus:


 enableHistoryForNewMembers: true
+
+ratelimiter:
+  # Whether to enable rate limiting
+  enable: false
+  # WindowSize defines time duration per window
+  window: 20s
+  # BucketNum defines bucket number for each window
+  bucket: 500
+  # CPU threshold; valid range 0–1000 (1000 = 100%)
+  cpuThreshold: 850
+
+circuitBreaker:
+  enable: false
+  window: 5s            # Time window size (seconds)
+  bucket: 100            # Number of buckets
+  success: 0.6          # Success rate threshold (0.6 means 60%)
+  request: 500 # Request threshold; circuit breaker evaluation occurs when reached
@@ -20,3 +20,20 @@ prometheus:

 # Does sending messages require friend verification
 friendVerify: false
+
+ratelimiter:
+  # Whether to enable rate limiting
+  enable: false
+  # WindowSize defines time duration per window
+  window: 20s
+  # BucketNum defines bucket number for each window
+  bucket: 500
+  # CPU threshold; valid range 0–1000 (1000 = 100%)
+  cpuThreshold: 850
+
+circuitBreaker:
+  enable: false
+  window: 5s            # Time window size (seconds)
+  bucket: 100            # Number of buckets
+  success: 0.6          # Success rate threshold (0.6 means 60%)
+  request: 500 # Request threshold; circuit breaker evaluation occurs when reached
@@ -17,6 +17,22 @@ prometheus:
  # It will only take effect when autoSetPorts is set to false.
  ports:

+ratelimiter:
+  # Whether to enable rate limiting
+  enable: false
+  # WindowSize defines time duration per window
+  window: 20s
+  # BucketNum defines bucket number for each window
+  bucket: 500
+  # CPU threshold; valid range 0–1000 (1000 = 100%)
+  cpuThreshold: 850
+
+circuitBreaker:
+  enable: false
+  window: 5s            # Time window size (seconds)
+  bucket: 100            # Number of buckets
+  success: 0.6          # Success rate threshold (0.6 means 60%)
+  request: 500 # Request threshold; circuit breaker evaluation occurs when reached

 object:
  # Use MinIO as object storage, or set to "cos", "oss", "kodo", "aws", while also configuring the corresponding settings
@@ -16,3 +16,20 @@ prometheus:
  # Prometheus listening ports, must be consistent with the number of rpc.ports
  # It will only take effect when autoSetPorts is set to false.
  ports:
+
+ratelimiter:
+  # Whether to enable rate limiting
+  enable: false
+  # WindowSize defines time duration per window
+  window: 20s
+  # BucketNum defines bucket number for each window
+  bucket: 500
+  # CPU threshold; valid range 0–1000 (1000 = 100%)
+  cpuThreshold: 850
+
+circuitBreaker:
+  enable: false
+  window: 5s            # Time window size (seconds)
+  bucket: 100            # Number of buckets
+  success: 0.6          # Success rate threshold (0.6 means 60%)
+  request: 500 # Request threshold; circuit breaker evaluation occurs when reached