Throttling allows you to limit the number of hits to an API during a given period of time, typically in cases such as the following:
...
...
IP-level throttling
In IP address based throttling, you can limit the number of requests sent by a client IP (e.g., 10 calls from single client). For example, the throttling policy shown below allows only 1 API call per minute for a client from 10.1.1.1 and 2 calls per minute for a client from any other IP address:
Code Block | ||
---|---|---|
| ||
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:throttle="http://www.wso2.org/products/wso2commons/throttle"> <throttle:MediatorThrottleAssertion> <wsp:Policy> <throttle:ID throttle:type="IP">10.1.1.1</throttle:ID> <wsp:Policy> <throttle:Control> <wsp:Policy> <throttle:MaximumCount>1</throttle:MaximumCount> <throttle:UnitTime>60000</throttle:UnitTime> </wsp:Policy> </throttle:Control> </wsp:Policy> </wsp:Policy> <wsp:Policy> <throttle:ID throttle:type="IP">other</throttle:ID> <wsp:Policy> <throttle:Control> <wsp:Policy> <throttle:MaximumCount>2</throttle:MaximumCount> <throttle:UnitTime>60000</throttle:UnitTime> </wsp:Policy> </throttle:Control> </wsp:Policy> </wsp:Policy> </throttle:MediatorThrottleAssertion></wsp:Policy> |
How throttling tiers work
...
The following throttling policy allows 1000 concurrent requests to a service.
Code Block language html/xml <wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:throttle="http://www.wso2.org/products/wso2commons/throttle" wsu:Id="WSO2MediatorThrottlingPolicy"> <throttle:MediatorThrottleAssertion> <throttle:MaximumConcurrentAccess>1000</throttle:MaximumConcurrentAccess> <wsp:Policy> <throttle:ID throttle:type="IP">other</throttle:ID> </wsp:Policy> </throttle:MediatorThrottleAssertion> </wsp:Policy>
- Start the API Manager, log in to its management console (
https://localhost:9443/carbon
) and click the Resource > Browse menu to view the registry. - Click the
goverence/apimgt/applicationdata
path to go to its detailed view. - In the detail view, click the Resource link and upload the created policy file to the server as a registry resource.
In the management console, select the Service Bus > Source View menu.
The configurations of all APIs created in the API Manager instance opens. To engage the policy to a selected API, add it to your API definition. In this example, we add it to the login API.
Code Block language html/xml <?xml version="1.0" encoding="UTF-8"?><api xmlns="http://ws.apache.org/ns/synapse" name="_WSO2AMLoginAPI_" context="/login"> <resource methods="POST" url-mapping="/*"> <inSequence> <send> <endpoint> <address uri="https://localhost:9493/oauth2/token"/> </endpoint> </send> </inSequence> <outSequence> <send/> </outSequence> </resource> <handlers> <handler class="org.wso2.carbon.apimgt.gateway.handlers.throttling.APIThrottleHandler"> <property name="id" value="A"/> <property name="policyKey" value="gov:/apimgt/applicationdata/throttle.xml"/> </handler> <handler class="org.wso2.carbon.apimgt.gateway.handlers.ext.APIManagerExtensionHandler"/> </handlers> </api>
Note Be sure to specify the same path used in step 3 in the policy key of your API definition.
- You have successfully engaged a throttling policy to an API.
Go back to Tier Availability section in Creating an API page.