Return-Path: X-Original-To: apmail-incubator-cloudstack-dev-archive@minotaur.apache.org Delivered-To: apmail-incubator-cloudstack-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 15F2ED2A2 for ; Thu, 20 Dec 2012 09:23:56 +0000 (UTC) Received: (qmail 6098 invoked by uid 500); 20 Dec 2012 09:23:55 -0000 Delivered-To: apmail-incubator-cloudstack-dev-archive@incubator.apache.org Received: (qmail 5998 invoked by uid 500); 20 Dec 2012 09:23:55 -0000 Mailing-List: contact cloudstack-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: cloudstack-dev@incubator.apache.org Delivered-To: mailing list cloudstack-dev@incubator.apache.org Received: (qmail 5975 invoked by uid 99); 20 Dec 2012 09:23:54 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 20 Dec 2012 09:23:54 +0000 X-ASF-Spam-Status: No, hits=-2.3 required=5.0 tests=RCVD_IN_DNSWL_MED,SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of Ram.Ganesh@citrix.com designates 203.166.19.134 as permitted sender) Received: from [203.166.19.134] (HELO SMTP.CITRIX.COM.AU) (203.166.19.134) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 20 Dec 2012 09:23:46 +0000 X-IronPort-AV: E=Sophos;i="4.84,322,1355097600"; d="scan'208";a="152801" Received: from banpmailmx01.citrite.net ([10.103.128.73]) by SYDPIPO01.CITRIX.COM.AU with ESMTP/TLS/RC4-MD5; 20 Dec 2012 09:23:22 +0000 Received: from BANPMAILBOX01.citrite.net ([10.103.128.72]) by BANPMAILMX01.citrite.net ([10.103.128.73]) with mapi; Thu, 20 Dec 2012 14:53:20 +0530 From: Ram Ganesh To: "cloudstack-dev@incubator.apache.org" Date: Thu, 20 Dec 2012 14:53:18 +0530 Subject: RE: [DISCUSS]API request throttling Thread-Topic: [DISCUSS]API request throttling Thread-Index: Ac3eGYLXdE084in4QAuzx62ZPN3F9QAeUBJA Message-ID: <35F04D4C394874409D9BE4BF45AC5EA9010B2807B930@BANPMAILBOX01.citrite.net> References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Virus-Checked: Checked by ClamAV on apache.org How do we characterize the behaviour for a UI/self-service portal user? A s= ingle UI screen can result anywhere from 1 to N API requests. Would it not = lead CloudStack to some inconsistent state? What if the UI configuration sp= ans time duration window? Thanks, RamG > -----Original Message----- > From: Min Chen [mailto:min.chen@citrix.com] > Sent: 20 December 2012 00:19=09 > To: cloudstack-dev@incubator.apache.org > Subject: [DISCUSS]API request throttling >=20 > Hi all, >=20 > Currently, the legitimate users of CloudStack can occasionally hammer > the server with heavy API requests that cause undesirable results, like > killing the server, performance issues for other CloudStack users. > Also, it may become a mechanism for certain malicious users to do > malicious attacks to CloudStack service to cause cloud outage. To > prevent certain things happen, we would like to introduce API request > throttling feature to limit number of APIs that can be placed by each > account within certain time duration and will block API requests if the > account is over the limit so that he/she have to retry later. The > detailed FS can be found at > https://cwiki.apache.org/confluence/display/CLOUDSTACK/API+Request+Thro > ttling. >=20 > Please let me know any comments and suggestions. >=20 > Thanks > -min