Quota enforcement
Quota enforcement provides precise threshold specification for traffic control, and supports flexible counting for any specific occurrences and counting for concurrent transactions. Administrative control and possible sanctions are imposed on requests when the threshold is exceeded.
Quota enforcement is implemented by calling a GatewayScript file on the processing action. The
GatewayScript file calls the
ratelimit
module that defines and manages the
following types of keys. Based on your configuration, unique keys and their metadata are persisted
on the RAID volume or stored in memory.- Rate
- Track against the maximum number of resources that are requested during an interval.
- Token bucket
- Track against the maximum capacity of resources in a refillable bucket that are requested during an interval.
- Counter
- Count the number of any specific occurrences. Based on your requirements, you can flexibly modify the value of a counter.
- Concurrent transactions
- Count the number of concurrent transactions that are simultaneously processed.
Quota enforcement can work in stand-alone mode or peer group mode.
- In stand-alone mode, thresholds are enforced locally.
- In peer group mode, thresholds are enforced by a group of peers.
The keys and associated metadata are synchronized among the peer group and no single point of failure exists in the peer group.
You can view the quota enforcement status for the DataPower® Gateway by using
the quota enforcement server status provider. On each DataPower Gateway, you
can view details of all keys. However, you can delete keys from data storage on only primary by
using the following status providers or with metric specific commands. Deleting a key indicates the
key and the associated metadata are deleted.
- Quota enforcement counter metrics
- Quota enforcement concurrent transactions metrics
- Quota enforcement rate-based threshold metrics
- Quota enforcement token bucket threshold metrics