0

How can we achieve Global Rate Limiting with Azure API Management Service while using multiple APIM Services for High Availability across paired regions in round robin fashion (50/50 traffic split), as the Rate Limit config/policy is local to each APIM?

For example, we are using 2 Azure APIM Services, one in East US 2, another in Central US, with a 50/50 traffic split (round robin) to each APIM Service, for better HA. The rate limit policy applied per client is 2 API calls per minute, which is local to each APIM Service. Now the client might end up making 4 API calls within a minute before hitting the throttling limit, if the requests are split between the APIMs in 2 different regions. In such a case, how can we achieve a global rate limit of 2 API calls per minute for a caller/client?

Did not find any option in Azure to achieve this yet.

Shuvan
  • Response from ChatGPT, seems quite reasonable: Implement a shared caching mechanism: Set up an Azure Cache for Redis or Azure Cosmos DB with the appropriate caching configuration, such as a sliding expiration or time-based eviction policy. Store rate limit data in the shared cache: Whenever a request comes in, check the client identifier in the shared cache to retrieve the current rate limit information (e.g., number of requests made within a specific time frame). If the client identifier is not found or has expired, initialize the rate limit data in the cache. – Shuvan May 24 '23 at 15:13
  • Any other simpler Solution anyone can share? – Shuvan May 24 '23 at 15:13

1 Answer

1

Yes, using a shared caching system like Azure Cache for Redis or Azure Cosmos DB to achieve global rate restriction is one method.

  • Using a third-party API management system that supports global rate restriction is an alternative, easier method. There are third-party programmes available that can limit rates globally for a variety of APIM services.
  • Using the rate-limit-by-key policy, you can implement global rate restriction with Azure API Management Service. With the help of this policy, you may define expressions that designate the keys used to monitor traffic flow. As a rate limiting key, you can utilise the client IP address or the user identity to identify the user. By utilising the same key for all requests, you can then implement the rate restriction policy globally across all APIM services. By doing this, the rate limit will be upheld in all APIM services and locations. Below is the sample policy statement from the MS document:
<rate-limit-by-key calls="number"
                   renewal-period="seconds"
                   increment-condition="condition"
                   increment-count="number"
                   counter-key="key value" 
                   retry-after-header-name="custom header name, replaces default 'Retry-After'" 
                   retry-after-variable-name="policy expression variable name"
                   remaining-calls-header-name="header name"  
                   remaining-calls-variable-name="policy expression variable name"
                   total-calls-header-name="header name"/>
  • The other possible way is utilising a single APIM service with multiple regions, which is preferable to utilising numerous APIM services. By using Azure Traffic Manager or Azure Front Door, you may achieve high availability while the rate limit policy is imposed globally.
  • Reference MS document
vijaya
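The scenario from the question (2 calls per minute, two regions, 50/50 round robin), modelled as an added example that is not part of the original posts or of Microsoft's documentation: it compares per-gateway counters with one shared counter of the kind the shared-cache suggestion describes. `CounterStore`, `Gateway` and `simulate` are hypothetical names, and the in-memory store is an assumed stand-in for a shared service such as Azure Cache for Redis.

```python
import itertools

class CounterStore:
    """In-memory stand-in (assumption) for a shared store such as Redis:
    incr() mimics an atomic INCR on a key that expires with its window."""
    def __init__(self):
        self._counts = {}

    def incr(self, key, window_id):
        # Drop counters left over from earlier windows (expiry), then increment.
        self._counts = {k: v for k, v in self._counts.items() if k[1] == window_id}
        self._counts[(key, window_id)] = self._counts.get((key, window_id), 0) + 1
        return self._counts[(key, window_id)]

class Gateway:
    """One regional gateway enforcing `calls` per `period` seconds per client."""
    def __init__(self, region, store, calls=2, period=60):
        self.region, self.store = region, store
        self.calls, self.period = calls, period

    def handle(self, client_id, now):
        window_id = int(now // self.period)      # fixed one-minute window
        used = self.store.incr(client_id, window_id)
        return 200 if used <= self.calls else 429

def simulate(shared, timestamps, client_id="client-a"):
    """Round-robin one client's requests across two regional gateways.
    shared=False: each gateway has its own counter (the setup in the question).
    shared=True: both gateways increment the same counter."""
    common = CounterStore()
    east = Gateway("eastus2", common if shared else CounterStore())
    central = Gateway("centralus", common if shared else CounterStore())
    rr = itertools.cycle([east, central])
    return [next(rr).handle(client_id, t) for t in timestamps]

# Constructed sample: five calls within one minute, then one in the next minute.
SAMPLE = [0, 5, 10, 15, 20, 65]

if __name__ == "__main__":
    print("local counters:", simulate(False, SAMPLE))
    print("shared counter:", simulate(True, SAMPLE))
```

With local counters the client gets four successful calls in the first minute; with the shared counter it gets two, at the cost of one cross-region store round trip per request.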