Page MenuHomePhabricator
Create Task
Maniphest T101398

cxserver: rate limiting
Closed, ResolvedPublic
Actions

Description

To provide fair service to all users of cxserver, we should implement rate limiter to not allow any single user to consume too many resources.

Some considerations for choosing a rate limiter:

  • Cxserver is currently stateless, but rate limiting requires state.
  • We can either rate limit all type of requests, or just those which consume most resources.
  • We can rate limit by the number of requests, or for example amount of characters to translate.
  • Rate limiting can be based on IP address or username for services which require authentication.

We can either implement rate limiting our selves, or we could use a existing package such as this or this if redis is available. If we want to implement it our selves, we need to create some kind of system to purge unused state to avoid indefinitely expanding storage as new users use the system. Also need to take care that the state is stored globally and not locally for each thread. Using redis avoid this problem completely, also in case we restart cxserver. The problem with the those two existing packages is that they only allow limiting by request count.

Related Objects
Search...

Event Timeline

Nikerabbit created this task.Jun 4 2015, 2:45 PM
Nikerabbit claimed this task.
Nikerabbit raised the priority of this task from to High.
Nikerabbit updated the task description. (Show Details)
Nikerabbit added projects: LE-Sprint-87, ContentTranslation-Release5, ContentTranslation, ContentTranslation-CXserver.
Nikerabbit added subscribers: Arrbee, KartikMistry, santhosh and 2 others.
santhosh added subscribers: GWicke, Services.Jun 4 2015, 3:15 PM

@GWicke, Could you please advice what is the best option here? We need this kind of gating to use MT systems that are hosted outside our cluster.

santhosh moved this task from Backlog to In Progress on the LE-Sprint-87 board.Jun 5 2015, 4:16 AM
santhosh set Security to None.Jun 9 2015, 8:05 AM
santhosh edited a custom field.
Arrbee edited projects, added LE-Sprint-88; removed LE-Sprint-87.Jun 9 2015, 9:25 AM
GWicke added a comment.Jun 9 2015, 11:33 PM

@santhosh, rate limiting is indeed tricky and something we need for our APIs in general. To clarify, are the requests you are interested in external (from public IPs) or internal?

Nikerabbit added a comment.Jun 10 2015, 5:48 AM

Could be both, but currently the requests for MT on Special:ContentTranslation come directly from browser to cxserver.

Amire80 subscribed.Jun 10 2015, 7:55 AM

[ Meta: Not sure how to classify it in the workboard. Bugs? Tech debt? Create a new column for Performance? Something else? @Arrbee, @Nikerabbit - suggestions are welcome. ]

GWicke mentioned this in T102037: Add generic rate limiting support in RESTBase.Jun 10 2015, 7:49 PM
Amire80 moved this task from Needs Triage to CX5 on the ContentTranslation board.Jun 23 2015, 8:15 AM
Amire80 edited projects, added ContentTranslation-Release6; removed ContentTranslation-Release5.Jul 2 2015, 12:56 PM
Amire80 moved this task from Backlog to Entry Points on the ContentTranslation-Release6 board.
Amire80 moved this task from Entry Points to Tech Debt on the ContentTranslation-Release6 board.Jul 2 2015, 1:23 PM
Amire80 moved this task from Tech Debt to Deployments on the ContentTranslation-Release6 board.Jul 2 2015, 1:55 PM
Amire80 moved this task from CX5 to CX6 on the ContentTranslation board.Jul 2 2015, 4:32 PM
Nikerabbit mentioned this in T97113: MT Api - provide an identification mechanism to allow requests only from a valid MW context.Jul 7 2015, 7:49 PM
Nikerabbit removed a parent task: T97113: MT Api - provide an identification mechanism to allow requests only from a valid MW context.Jul 21 2015, 4:29 PM
Nikerabbit added a subtask: T97113: MT Api - provide an identification mechanism to allow requests only from a valid MW context.
GWicke added a project: Services.Jul 21 2015, 4:54 PM
Nikerabbit removed Nikerabbit as the assignee of this task.Jul 21 2015, 7:36 PM
Arrbee removed a project: LE-Sprint-88.Jul 21 2015, 9:24 PM
Amire80 moved this task from Backlog to Performance on the ContentTranslation-CXserver board.Jul 29 2015, 3:11 PM
GWicke mentioned this in T107934: Reliable and scaleable rate limiting mechanism for RESTBase API entry points.Aug 4 2015, 8:24 PM
Arrbee closed subtask T97113: MT Api - provide an identification mechanism to allow requests only from a valid MW context as Resolved.Aug 6 2015, 8:15 AM
Arrbee reopened subtask T97113: MT Api - provide an identification mechanism to allow requests only from a valid MW context as Open.Aug 11 2015, 6:41 AM
Arrbee closed subtask T97113: MT Api - provide an identification mechanism to allow requests only from a valid MW context as Resolved.Aug 25 2015, 6:45 AM
Amire80 added a parent task: T111534: Allow external users access to cxserver.Sep 4 2015, 4:08 PM
santhosh mentioned this in ContentTranslation-Release7.Sep 22 2015, 11:16 AM
santhosh edited projects, added ContentTranslation-Release7; removed ContentTranslation-Release6.Sep 25 2015, 12:15 PM
santhosh edited a custom field.
Amire80 moved this task from CX6 to CX7 on the ContentTranslation board.Oct 2 2015, 2:45 PM
Amire80 moved this task from Backlog to High-priority Bugs on the ContentTranslation-Release7 board.Oct 8 2015, 6:03 PM
Amire80 added a project: Essential-Work.Oct 19 2015, 6:47 AM
Amire80 moved this task from CX7 to CX8 on the ContentTranslation board.Jan 24 2016, 10:31 PM
Amire80 edited projects, added ContentTranslation-Release8; removed ContentTranslation-Release7.Jan 27 2016, 8:05 AM

Is there any update about this, now that we moved to service runner?

GWicke added a comment.Jan 28 2016, 6:39 PM

We did look into rate limiting options using redis, but would prefer to avoid the complexity & SPOF issues around that.

I thought we already had a tracking bug for rate limiting, but couldn't find it. So, I created T125123 to track progress.

GWicke added a subtask: T125123: Add rate limiter functionality to service-runner.Jan 28 2016, 6:39 PM
Amire80 moved this task from Backlog to Infrastructure WMF requirements on the ContentTranslation-Release8 board.Feb 3 2016, 6:20 AM
GWicke closed subtask T125123: Add rate limiter functionality to service-runner as Resolved.Mar 4 2016, 10:38 PM

@Amire80, @Nikerabbit: Rate limiter functionality is now part of service-runner, and is also about to be used in RESTBase. See the module documentation.

Arrbee removed a project: ContentTranslation-Release8.Apr 20 2016, 9:42 AM
Amire80 moved this task from CX8 to Bugs on the ContentTranslation board.Apr 20 2016, 1:12 PM
GWicke added a comment.Jun 14 2016, 12:42 AM

As a quick update, we have been using the service-runner rate limiting functionality in production for several weeks now, and have not encountered any issues.

Danny_B removed a subscriber: Services.Jul 26 2016, 11:58 PM
GWicke lowered the priority of this task from High to Medium.Oct 12 2016, 10:28 PM
GWicke edited projects, added Services (watching); removed Services.
Arrbee edited projects, added CX-cxserver; removed ContentTranslation-CXserver, ContentTranslation.Jun 22 2018, 1:50 PM
Arrbee moved this task from Backlog to Parsing and annotation on the CX-cxserver board.
Arrbee moved this task from Parsing and annotation to Performance on the CX-cxserver board.
mobrovac added a project: Platform Team Legacy (Watching / External).Dec 20 2018, 12:02 PM
KartikMistry added a comment.Jan 7 2020, 3:46 PM

@Nikerabbit Can this be closed as we've implemented https://phabricator.wikimedia.org/T210581 ?

santhosh closed this task as Resolved.Jan 8 2020, 5:51 AM
santhosh claimed this task.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits