introduce
Rate limiting is a key technology in building scalable and resilient systems. It helps control traffic by imposing limits on the number of requests allowed in a specified time range. Implementing rate limiting in Go ensures optimal resource utilization and protects your application from excessive traffic or abuse. In this blog post, we will explore the rate limiting techniques in Go and provide practical code examples to help you implement them efficiently.
Understand rate limits
Rate limiting involves defining a set of rules that determine how many requests a client can make within a given time window. Ensure that the system can handle the load and prevent abuse or denial of service attacks. Two common ways to limit rates are:
- Fixed window rate limiting: In this method, the rate limiting is enforced within a fixed time window. For example, if the rate limit is set to 100 requests per minute, the system will allow up to 100 requests in any given 60 second window. Requests exceeding this limit will be denied or delayed to the next time window.
- Token bucket rate limit: Token bucket rate limit is based on the concept of consuming tokens from a bucket. The bucket is initially filled with a fixed number of tokens, each representing a request. When the client wants to make a request, it must get the token from the bucket. If the bucket is empty, the client must wait until the token is available.
Implement rate limiting in GO
Go provides a name called/x/time/ratebuilt-in package that provides rate limiting functionality. Let's explore how to implement rate limiting using both fixed window and token bucket methods.
Fixed window
func fixedWindowRateLimiting() {
limiter := ((100), 1) // 100 times per second allowed for i := 0; i < 200; i++ {
if !() {
("Rate limit exceeded. Request rejected.")
continue
}
go process()
}
}
// Process the requestfunc process() {
("Request processed successfully.")
() // Simulate request processing time}In the above code snippet, we created a limit usage rate. Rate limit is 100 requests per secondNewLimiter. Called for each request()Method, if request is allowed, returnstrue;If the rate limit is exceeded, returnfalse. If the rate limit is exceeded, the request will be denied.
The corresponding output is to clearly see that some requests have been denied:
Request processed successfully.
Rate limit exceeded. Request rejected.
Rate limit exceeded. Request rejected.
Rate limit exceeded. Request rejected.
Rate limit exceeded. Request rejected.
Rate limit exceeded. Request rejected.
Rate limit exceeded. Request rejected.
Rate limit exceeded. Request rejected.
...
Token bucket
func tokenBucketRateLimiting() {
limiter := ((10), 5)
ctx, _ := ((), )
for i := 0; i < 200; i++ {
if err := (ctx); err != nil {
("Rate limit exceeded. Request rejected.")
continue
}
go process()
}
}
// Process the requestfunc process() {
("Request processed successfully.")
() // Simulate request processing time}In the above code, we useA limiter was created with a rate limit of 10 requests per second and 5 requests burst. Each request will be called()method, this method will block until a token is available. If the bucket is empty and there is no available token, the request will be denied.
The corresponding output is to clearly see that some requests have been denied:
Request processed successfully.
Rate limit exceeded. Request rejected.
Rate limit exceeded. Request rejected.
Request processed successfully.
Rate limit exceeded. Request rejected.
Dynamic rate limit
Dynamic rate limiting refers to adjusting rate limiting based on dynamic factors such as client behavior, system load or business rules. This technology allows you to adjust rate limits in real time to optimize resource utilization and provide a better user experience. Let's take a look at an example of dynamic rate limiting in Go:
func dynamicRateLimiting() {
limiter := ((10), 1) // 100 times per second allowed // Dynamic rate adjustment
go func() {
( * 10) // Adjust limiter every 10 seconds ("---adjust limiter---")
((200)) // Raise limiter to 200 per second }()
for i := 0; i < 3000; i++ {
if !() {
("Rate limit exceeded. Request rejected.")
( * 100)
continue
}
process()
}
}
// Process the requestfunc process() {
("Request processed successfully.")
( * 10) // Simulate request processing time}In the above code snippet, we create a limiter with the initial rate limit of 10 requests per second. Then, we start agoroutine, adjust the rate limit to 200 requests per second after 10 seconds. This way, we can dynamically adjust the rate limits based on changing situations.
The corresponding output is, here we can see that some requests have been rejected in the middle of the journey. Later, we adjusted dynamically and subsequent requests can be passed normally:
...
Request processed successfully.
Rate limit exceeded. Request rejected.
Request processed successfully.
---adjust limiter---
Rate limit exceeded. Request rejected.
Request processed successfully.
Request processed successfully.
Request processed successfully.
Request processed successfully.
Request processed successfully.
...
Adaptive rate limiting
Adaptive rate limiting can dynamically adjust the rate limit based on the response time or error rate of the previous request. It allows the system to automatically adapt to different traffic conditions, ensuring optimal performance and resource utilization. Let's take a look at an example of adaptive rate limiting in Go:
func adaptiveRateLimiting() {
limiter := ((10), 1) // Allow 10 times per second // Adaptive adjustment go func() {
for {
( * 10)
responseTime := measureResponseTime() // Measure the response time of previous requests if responseTime > 500* {
("---adjust limiter 50---")
((50))
} else {
("---adjust limiter 100---")
((100))
}
}
}()
for i := 0; i < 3000; i++ {
if !() {
("Rate limit exceeded. Request rejected.")
( * 100)
continue
}
process()
}
}
// Measure the response time of previous requests// Execute your own logic to measure response timefunc measureResponseTime() {
return * 100
}
// Process the requestfunc process() {
("Request processed successfully.")
( * 10) // Simulate request processing time}In the above code snippet, we usemeasureResponseTimeFunction simulation measures the response time of the previous request. Based on the measured response time, we useSet different values to dynamically adjust the rate limit. In this way, the system can adjust its rate limiting strategy based on the observed response time.
The corresponding output is:
Request processed successfully.
Rate limit exceeded. Request rejected.
Request processed successfully.
Rate limit exceeded. Request rejected.
---adjust limiter 100---
Request processed successfully.
Request processed successfully.
Request processed successfully.
Request processed successfully.
Request processed successfully.
Summarize
Rate limiting is the basic technique for maintaining the stability and security of Go applications. By effectively controlling the traffic of incoming requests, you can prevent resource exhaustion and ensure fair distribution of resources. In this blog post, we explore the concept of fixed window and token bucket rate limiting and provide code snippets that demonstrate how to use/x/time/ratePackage implements them in Go. Incorporate rate limits into your application to build resilient systems that can handle different traffic levels efficiently.
Of course, you can use third-party libraries to implement it, for example:/ratelimit
The above is the detailed content of dynamic rate limiting in Go. For more information about dynamic control of Go traffic, please pay attention to my other related articles!