Build: Implement rate limiting and circuit breaker for API and RPC services.

2025-10-25 12:42:12 +08:00 · 2025-09-22 10:28:35 +08:00 · 2025-09-22 10:28:35 +08:00 · 749ec0b445
commit 749ec0b445
parent 9bd6f3d356
11 changed files with 64 additions and 16 deletions
--- a/config/openim-msggateway.yml
+++ b/config/openim-msggateway.yml
@ -42,4 +42,4 @@ circuitBreaker:
  window: 3s            # Time window size (seconds)
  bucket: 10            # Number of buckets
  success: 0.6          # Success rate threshold (0.6 means 60%)
-  requestThreshold: 100 # Request threshold; circuit breaker evaluation occurs when reached
+  request: 100 # Request threshold; circuit breaker evaluation occurs when reached
--- a/config/openim-msgtransfer.yml
+++ b/config/openim-msgtransfer.yml
@ -22,4 +22,4 @@ circuitBreaker:
  window: 3s            # Time window size (seconds)
  bucket: 10            # Number of buckets
  success: 0.6          # Success rate threshold (0.6 means 60%)
-  requestThreshold: 100 # Request threshold; circuit breaker evaluation occurs when reached
+  request: 100 # Request threshold; circuit breaker evaluation occurs when reached
--- a/config/openim-push.yml
+++ b/config/openim-push.yml
@ -25,7 +25,7 @@ circuitBreaker:
  window: 3s            # Time window size (seconds)
  bucket: 10            # Number of buckets
  success: 0.6          # Success rate threshold (0.6 means 60%)
-  requestThreshold: 100 # Request threshold; circuit breaker evaluation occurs when reached
+  request: 100 # Request threshold; circuit breaker evaluation occurs when reached
 prometheus:
  # Enable or disable Prometheus monitoring
--- a/config/openim-rpc-auth.yml
+++ b/config/openim-rpc-auth.yml
@ -36,4 +36,4 @@ circuitBreaker:
  window: 3s            # Time window size (seconds)
  bucket: 10            # Number of buckets
  success: 0.6          # Success rate threshold (0.6 means 60%)
-  requestThreshold: 100 # Request threshold; circuit breaker evaluation occurs when reached
+  request: 100 # Request threshold; circuit breaker evaluation occurs when reached
--- a/config/openim-rpc-conversation.yml
+++ b/config/openim-rpc-conversation.yml
@ -32,4 +32,4 @@ circuitBreaker:
  window: 3s            # Time window size (seconds)
  bucket: 10            # Number of buckets
  success: 0.6          # Success rate threshold (0.6 means 60%)
-  requestThreshold: 100 # Request threshold; circuit breaker evaluation occurs when reached
+  request: 100 # Request threshold; circuit breaker evaluation occurs when reached
--- a/config/openim-rpc-friend.yml
+++ b/config/openim-rpc-friend.yml
@ -32,4 +32,4 @@ circuitBreaker:
  window: 3s            # Time window size (seconds)
  bucket: 10            # Number of buckets
  success: 0.6          # Success rate threshold (0.6 means 60%)
-  requestThreshold: 100 # Request threshold; circuit breaker evaluation occurs when reached
+  request: 100 # Request threshold; circuit breaker evaluation occurs when reached
--- a/config/openim-rpc-group.yml
+++ b/config/openim-rpc-group.yml
@ -35,4 +35,4 @@ circuitBreaker:
  window: 3s            # Time window size (seconds)
  bucket: 10            # Number of buckets
  success: 0.6          # Success rate threshold (0.6 means 60%)
-  requestThreshold: 100 # Request threshold; circuit breaker evaluation occurs when reached
+  request: 100 # Request threshold; circuit breaker evaluation occurs when reached
--- a/config/openim-rpc-third.yml
+++ b/config/openim-rpc-third.yml
@ -32,7 +32,7 @@ circuitBreaker:
  window: 3s            # Time window size (seconds)
  bucket: 10            # Number of buckets
  success: 0.6          # Success rate threshold (0.6 means 60%)
-  requestThreshold: 100 # Request threshold; circuit breaker evaluation occurs when reached
+  request: 100 # Request threshold; circuit breaker evaluation occurs when reached
 object:
  # Use MinIO as object storage, or set to "cos", "oss", "kodo", "aws", while also configuring the corresponding settings
--- a/config/openim-rpc-user.yml
+++ b/config/openim-rpc-user.yml
@ -32,4 +32,4 @@ circuitBreaker:
  window: 3s            # Time window size (seconds)
  bucket: 10            # Number of buckets
  success: 0.6          # Success rate threshold (0.6 means 60%)
-  requestThreshold: 100 # Request threshold; circuit breaker evaluation occurs when reached
+  request: 100 # Request threshold; circuit breaker evaluation occurs when reached
--- a/internal/api/ratelimit.go
+++ b/internal/api/ratelimit.go
@ -1,7 +1,10 @@
 package api
 import (
 	"fmt"
 	"math"
 	"net/http"
 	"strconv"
 	"time"
 	"github.com/gin-gonic/gin"
@ -12,7 +15,6 @@ import (
 	"github.com/openimsdk/tools/log"
 )
 type RateLimiter struct {
 	Enable       bool          `yaml:"enable"`
 	Window       time.Duration `yaml:"window"`       // time duration per window
@ -34,8 +36,23 @@ func RateLimitMiddleware(config *RateLimiter) gin.HandlerFunc {
 	)
 	return func(c *gin.Context) {
 		status := limiter.Stat()
 		c.Header("X-BBR-CPU", strconv.FormatInt(status.CPU, 10))
 		c.Header("X-BBR-MinRT", strconv.FormatInt(status.MinRt, 10))
 		c.Header("X-BBR-MaxPass", strconv.FormatInt(status.MaxPass, 10))
 		c.Header("X-BBR-MaxInFlight", strconv.FormatInt(status.MaxInFlight, 10))
 		c.Header("X-BBR-InFlight", strconv.FormatInt(status.InFlight, 10))
 		done, err := limiter.Allow()
 		if err != nil {
 			c.Header("X-RateLimit-Policy", "BBR")
 			c.Header("Retry-After", calculateBBRRetryAfter(status))
 			c.Header("X-RateLimit-Limit", strconv.FormatInt(status.MaxInFlight, 10))
 			c.Header("X-RateLimit-Remaining", "0") // There is no concept of remaining quota in BBR.
 			fmt.Println("rate limited:", err, "path:", c.Request.URL.Path)
 			log.ZWarn(c, "rate limited", err, "path", c.Request.URL.Path)
 			c.AbortWithStatus(http.StatusTooManyRequests)
 			apiresp.GinError(c, errs.NewCodeError(http.StatusTooManyRequests, "too many requests, please try again later"))
@ -47,3 +64,20 @@ func RateLimitMiddleware(config *RateLimiter) gin.HandlerFunc {
 		done(ratelimit.DoneInfo{})
 	}
 }
 func calculateBBRRetryAfter(status bbr.Stat) string {
 	loadRatio := float64(status.CPU) / float64(status.CPU)
 	if loadRatio < 0.8 {
 		return "1"
 	}
 	if loadRatio < 0.95 {
 		return "2"
 	}
 	backoff := 1 + int64(math.Pow(loadRatio-0.95, 2)*50)
 	if backoff > 5 {
 		backoff = 5
 	}
 	return strconv.FormatInt(backoff, 10)
 }
--- a/pkg/common/startrpc/circuitbreaker.go
+++ b/pkg/common/startrpc/circuitbreaker.go
@ -49,10 +49,17 @@ func UnaryCircuitBreakerInterceptor(breaker circuitbreaker.CircuitBreaker) grpc.
 		resp, err = handler(ctx, req)
 		if err != nil {
-			if st, ok := status.FromError(err); ok && st.Code() == codes.Internal {
+			if st, ok := status.FromError(err); ok {
-				breaker.MarkFailed()
+				switch st.Code() {
-			} else {
+				case codes.OK:
 					breaker.MarkSuccess()
 				case codes.InvalidArgument, codes.NotFound, codes.AlreadyExists, codes.PermissionDenied:
 					breaker.MarkSuccess()
 				default:
 					breaker.MarkFailed()
 				}
 			} else {
 				breaker.MarkFailed()
 			}
 		} else {
 			breaker.MarkSuccess()
@ -79,10 +86,17 @@ func StreamCircuitBreakerInterceptor(breaker circuitbreaker.CircuitBreaker) grpc
 		err := handler(srv, ss)
 		if err != nil {
-			if st, ok := status.FromError(err); ok && st.Code() == codes.Internal {
+			if st, ok := status.FromError(err); ok {
-				breaker.MarkFailed()
+				switch st.Code() {
-			} else {
+				case codes.OK:
 					breaker.MarkSuccess()
 				case codes.InvalidArgument, codes.NotFound, codes.AlreadyExists, codes.PermissionDenied:
 					breaker.MarkSuccess()
 				default:
 					breaker.MarkFailed()
 				}
 			} else {
 				breaker.MarkFailed()
 			}
 		} else {
 			breaker.MarkSuccess()