News KrakenD CE v2.7 released with better rate-limiting and security options

Enterprise Documentation

Recent changes

You are viewing a previous version of KrakenD Enterprise Edition (v2.4) , go to the latest version

Rate-limiting backends

Document updated on Jun 23, 2023

No matter what amount of activity the users generate at the router level, you can limit KrakenD’s connections to your backends. The configuration is similar to the router’s rate limit, but it’s declared directly in the backend section instead of the endpoint.

The limit applies per defined backend entry and does not consider the activity other backends generate. Each backend entry handles its counters and does not share them with different backends or endpoints.

The proxy rate limit is defined in the krakend.json configuration file as follows:

      "endpoint": "/products/{cat_id}",
      "backend": [
          "host": [""],
          "url_pattern": "/catalog/category/{cat_id}.rss",
          "encoding": "rss",
          "extra_config": {
              "qos/ratelimit/proxy": {
                  "max_rate": 0.5,
                  "every": "1s",
                  "capacity": 1

These are the parameters you can set:

Fields of Proxy ratelimit
* required fields
capacity  *

The capacity according to the token bucket algorithm. Defines the maximum requests you can do in an instant (including the zero moment when you start the gateway), and can be larger or smaller than the max_rate. When unsure, use the same value of max_rate, so the maximum number of requests can be consumed at once.
Defaults to 1

Time period in which the counter works. For instance, if you set an every of 10m and a max_rate of 5, you are allowing 5 requests every ten minutes.
Specify units using ns (nanoseconds), us or µs (microseconds), ms (milliseconds), s (seconds), m (minutes), or h (hours).
Defaults to "1s"
max_rate  *

Maximum requests per second you want to accept in this backend.
Example: 0.5

Comparison with router rate limit

In a nutshell:

  • The router rate limit controls the requests users do to KrakenD.
  • The proxy rate limit controls KrakenD’s requests to your services.

You don’t have to choose one or the other; you can mix the different types as they cover additional use cases.


Unresolved issues?

The documentation is only a piece of the help you can get! Whether you are looking for Open Source or Enterprise support, see more support channels that can help you.