cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Min Chen <>
Subject [MERGE] Merge branch api_limit
Date Fri, 18 Jan 2013 00:09:58 GMT
Hey all,

I would like to merge my feature branch api_limit with master. This branch deals with JIRA
tickets CLOUDSTACK-618. Basically it implemented a plugin to provide basic support for api
rate limiting to avoid malicious attack on CloudStack server. Implementation details can be
found in this FS document
For this release, we have chosen to implement Ehcache based rate limit store. With clearly
defined limit store interface, we can easily extend this to provide other limit store implementations
based on Memcached or Redis which rely on setting up a dedicated proxy server.

Testing done

I have done the following two kinds of testing during development cycle:

 *   Unit test to verify ApiRateLimitService pluggable service interface and Limit Store interface
methods. These unit testcases are located in plugins/api/rate-limit/test/org/apache/cloudstack/ratelimit/
 *   Integration test to verify rate limit feature and new APIs through a running MS. These
integration testcases are located in plugins/api/rate-limit/test/org/apache/cloudstack/ratelimit/integration/
These test cases are assuming that we have a "demo" user account created on your locally running


This has minimal risk due to its plugin implementation. We can easily disable this feature
by removing this plugin from A potential impact may be that if this is
enabled, UI needs to handle this situation (api failed due to over limit) gracefully.

Database changes

Documentation tracked in a separate ticket: CLOUDSTACK-866


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message