The REST API at /api/rest_v1/ explicitly targets high-volume use cases, and predominantly exposes cheap GET entry points backed by storage. In benchmarks with a six-node cluster, we sustained over 10k req/s for HTML revisions. Based on this, our guideline for this API is for clients to not send more than 200 req/s.
The recently-merged limits at https://gerrit.wikimedia.org/r/#/c/241643/ are significantly lower than this:
// TBF: "1, 0.02s, 250" == "50/s, burst of 250"
We have clients like Google averaging about 15 req/s, and Kiwix hitting 50 req/s when performing an HTML dump, which are both dangerously close to the limit set here. All of those requests are GETs.
To avoid legitimate use cases being blocked, I would like to request increasing the limits applying to /api/rest_v1/ to reflect our intended limits of a sustained rate around 200 req/s. My main concern is about GETs. IPOST entry points are significantly lower traffic and more expensive, so it would actually be nice to keep the POST limit at around what is currently set in Varnish.