K
Q

How to set up rate limiting for Kubernetes admission controllers?

9/20/2021

A Kubernetes admission controller rejects requests that do not pass webhook checks, so it is technically a rate limiter itself.

When deploying to a high-traffic cluster, is there a way to rate limit the requests sent to the admission controller? For example, with rate limiting of 100 requests per second, the admission controller will auto-reject all further requests after the initial 100 requests.

-- jtee
kubernetes

Similar Questions

How to install Fluentd plugins on k8s
Why does my kubernetes webook only get called on create and not on update?
Is it possible to change subnet in Azure AKS deployment?
How to use TcpDiscoveryKubernetesIpFinder in Apache Ignite .Net
Kubernetes with helm on local persistent volume with docker for Windows

1 Answer

9/20/2021

You can try to leverage the EventRateLimit plugin for the admission controller where the controller tried to enforce a limit on the number of event requests that the API Server will accept in a given time slice. Below are some reference docs.

https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/admission_control_event_rate_limit.md

https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#eventratelimit

-- Chandra Sekar
Source: StackOverflow