E-commerce subject I: business traffic limiting in the Cluster Environment

@ Zheng yu Summary

Date created: 20120925

Keyword index: Token bucket Algorithm , Bucket leakage Algorithm Background:

Common e-commerce traffic filtering technologies, such as anti-registration machine, seckill, and scanning, generally have the following requirements: 1) high performance. The algorithm is simple and efficient, and can process HTTP requests online in real time. 2) low classification error rate. In particular, do not mistakenly kill normal customer visits. 3) strong robustness. Because both sides are highly defensive, algorithms must adapt to various types of attacks (including DDoS attacks ). Subject 1: Checks the access requests of a website URL, form submission, or Ajax request in real time to find IP addresses that are too frequently requested, and limits the access frequency of these IP addresses. Subject 2: For Open Platform access to websites, there is a Frequency Constraint on calling an open interface, that is, a single app key cannot exceed 150 calls per hour. Translation: Zheng believes that what we want to limit is that the number of occurrences of an action in any time period measured by M is N. Keywords: Rate limiterrate limitingthrottle Limiter You need to control the average rate: Solution: We recommend that you use the simple implementation of the token bucket algorithm. References: 1) Leaky Bucket: the bucket leakage algorithm. Figure 1.1 bucket leakage Algorithm As shown in 1, the bucket itself has Constant RateLeaking down, but above Fast and slowWater enters the bucket. When the bucket is not full, the above water can be added. Once the water is full, the above water cannot be added. Bucket filling is a key trigger condition in the algorithm (that is, the condition for determining whether a traffic exception is established ). After the bucket is full of water, two common treatment methods are as follows: 1) temporarily intercept the Downward Flow of the above water, wait for some of the water in the bucket to leak, and then allow the above water. 2) directly discard the overflow above the water. Think of water as the abstraction of data packets in network communication. The effect of method 1 is called traffic shaping, and the effect of method 2 is called traffic grouping (traffic policy ). Therefore, the core concept of Traffic Shaping is "Waiting", and the core concept of Traffic Shaping is "Discarding ". They are two common flow rate control methods. Looking back at the figure above, we can see that the algorithm only requires two parameters: 1) bucket leakage rate 2) bucket size algorithm core: use the bucket model to determine when the traffic reaches an abnormal extension: 1) Handling Method of traffic exception: Traffic indexing v. s. traffic shaping2) the data packet processed is a negative length: Fixed Length v. s. variable Length 3) is the bucket size equal to the volume of water allowed by each tick: As a queue v. s. as a meter 2) The token bucket algorithm is the most commonly used algorithm in Traffic Shaping and Rate limiting. The bucket leakage algorithm is not flexible enough, so the token mechanism is added. Basic Idea: The application idea of the token bucket in Traffic Shaping is shown in 2.1. Figure 2.1 traffic control by car and CTS

Our main concernAgreed access rate (CAR)Mode, that is:

A. Deliver the token to the token bucket at a specific rate;

B. Sort packets according to preset matching rules,Messages that do not comply with the matching rules do not need to be processed by the token bucket and sent directly;

C. For packets that comply with the matching rules, the token bucket must be processed. When the bucket has enough tokens, the message can be sent, and the amount of tokens in the bucket is reduced according to the length of the message;

D.When the token in the token bucket is insufficient, the message cannot be sent (that is, discarded)The message can be sent only when a new token is generated in the bucket. In this way, the packet traffic can only be limited to a speed less than or equal to the Token Generation speed, to limit the traffic.

Implementation: In terms of data structure, there is no need to actually implement a token bucket. Generate a controlled Number of tokens Based on the passage of time-to cleanse the old traces with the passage of time, that is, to associate the two packet sending or receiving intervals with the number of tokens. Graphics to assist in understanding: The main difference between the token bucket and the missing Bucket Algorithm is: The bucket leakage algorithm can forcibly limit the data transmission rate, while the token bucket algorithm can limit the average data transmission rate while also allowing burst transmission to some extent. In the token bucket algorithm, as long as there is a token in the token bucket, the data can be transmitted suddenly until the threshold configured by the user is reached. Therefore, it is suitable for traffic with burst characteristics. 3) http://developer.linkedin.com/documents/throttle-limits this is a common open platform to limit the request rate. The better thing about LinkedIn is Application throttles And Developer throttles Separated. The latter facilitates joint debugging and testing. 4) Better Rate limiting in. net [penned objects] (5) Zheng Jing recommends reading, Leaky Bucket Algorithm and token bucket algorithm learning notes, application of token bucket algorithm, and working principle of QoS token bucket, use the netfilter module to implement traffic control per IP address based on the token bucket. 6) Python Implementation of the token bucket algorithm 1: kombu. utils. limits. PY Code : Bytes/ That is, the number of tokens to be appended is checked every time the _ get_tokens method is called. Class Tokenbucket ( Object ): Def _ Get_tokens ( Self ): If Self . _ Tokens < Self . Capacity : Now = Time . Time () Delta = Self . Fill_rate * ( Now - Self . Timestamp ) Self . _ Tokens = Min ( Self . Capacity , Self . _ Tokens + Delta ) Self . Timestamp = Now Return Self . _ Tokens The consumption token is indicated by the consume function, how many tokens are consumed this time:

  def   consume   (
     Self  ,   tokens   ):   "" consume tokens from the bucket. returns true if there were   sufficient tokens otherwise false. "  If   tokens   <=   Self  .   tokens  :   Self  .   _ tokens  -=   tokens   else  :   return   false   return   true  

  7) memcache-based Django of Rate limiting Decorator Implementation: Rate limiting with memcached Code implementation: https://github.com/simonw/ratelimitcache/blob/master/ratelimitcache.py   8) Preventing login hacks:Rate limiting using memcached Python implementation. It explicitly proposes the purpose of preventing dictionary attacks and scanning numbers. You can restrict IP addresses or other fields such as username.   8) node. js Implementation of the token bucket Algorithm Jhurliman/node-rate-limiter provides a very understandable token consumption method: The following is an example of 150 requests/time. Each request consumes one token:

VaR ratelimiter = require ('limiter '). ratelimiter; // allow 150 requests per hour (the Twitter search limit ). also understands // 'second', 'minute ', 'day', or a number of millisecondsvar limiter =New ratelimiter (150, 'hour '); // Throttle requestslimiter. removetokens (1, Function (ERR, remainingrequests) {// err will only be set if we request more than the maximum number of // requests we set in the constructor // remainingrequests tells us how to specify additional requests cocould be sent/right this moment callmyrequestsendingfunction (...);});
 

Below is a KB/sec example , Each 1 byte of transmission consumes 1 token :

VaR burst_rate = 1024*1024*150; // 150kb/sec burst ratevar fill_rate = 1024*1024*50; // 50kb/sec sustained ratevar tokenbucket = require ('limiter '). tokenbucket; // We cocould also pass a parent token bucket in as the last parameter to // create a hierarchical token bucketvar bucket =New tokenbucket (burst_rate, fill_rate, 'second', null); Bucket. removetokens (Mydata. bytelength, Function () {sendmydata (mydata );});
 

  9) stackoverflow: Throttling method callto M requests in n seconds What's a good rate limiting algorithm? Best way to implement request throttling in ASP. net mvc?