UNPKG

voyageai-cli

Version:

CLI for Voyage AI embeddings, reranking, and MongoDB Atlas Vector Search

142 lines (98 loc) 3.14 kB
# Rate Limiting (Deployment Perspective) Rate limiting infrastructure protects backend services from overload. This document covers rate limiting from a deployment and infrastructure perspective. ## Rate Limiting Tiers The platform enforces rate limits at infrastructure layer: ``` Load Balancer Rate Limiter Service Instances (ingress) (enforce quota) (process) ``` Rate limiter tracks usage per user/API key and blocks excessive traffic. ## Token Bucket Algorithm Most rate limiters use token bucket: ``` Bucket capacity: 100 tokens Refill rate: 10 tokens/second Time 0s: 100 tokens (full) Time 0.1s: Consume 10 tokens 90 left Time 1.0s: Refilled 100 tokens ``` Allows bursts (temporary spikes) while enforcing average rate. ## Infrastructure Rate Limiting Rate limits enforced before requests reach application: **Per-IP rate limiting**: ``` 192.168.1.1: 1000 req/min (normal user) 192.168.1.2: 100 req/min (rate limited) ``` **Per-API-key rate limiting**: ``` sk_live_abc: Quota 10M req/month sk_live_xyz: Quota 100K req/month ``` ## Distributed Rate Limiting In multi-server setup, coordinate rate limits globally: ``` Server 1 ──┐ Server 2 ──┼→ Redis (shared state) Rate Limit Decision Server 3 ──┘ User makes request to Server 1. Server 1 checks with Redis: "Can user_123 make request?" Redis: "4 requests remaining of 5/minute" Allow request, decrement counter. ``` Redis ensures global consistency across all servers. ## DDoS Protection Rate limiting mitigates DDoS attacks: ``` Normal traffic: 1000 req/sec Attack: 1M req/sec (1000x spike) Rate limiter drops excess requests. Services see normal traffic stay healthy. Attacker's traffic discarded (doesn't reach backend). ``` ## Configuration Rate limits configured per tier: ```yaml Rate Limits: Free Plan: requests_per_second: 10 requests_per_month: 100K Pro Plan: requests_per_second: 100 requests_per_month: 10M Enterprise: Custom limits (negotiate with sales) ``` ## Monitoring Rate Limiting Track rate limit effectiveness: ``` Requests blocked by rate limiter: 0.1% (normal) Requests blocked due to quota: 0.01% (expected overages) Blocked requests trending up? Investigate legitimate use spike ``` Alert if legitimate users are being blocked. ## Graceful Degradation When rate limited: ``` 500 total requests limit 400 consumed by normal traffic 100 reserved for important operations If reaching limit: 1. Non-critical requests rejected (429) 2. Critical requests proceed (database writes, etc.) 3. Excess traffic discarded ``` Prioritize critical operations during overload. ## Cost-Based Rate Limiting Some operations consume more quota: ``` List users (100 items): 1 unit Get user details: 1 unit Analytics query (expensive): 10 units Bulk create 1000 users: 100 units ``` Users consuming resources pay proportionally. ## See Also - [Rate Limiting (Endpoints)](../endpoints/rate-limiting-endpoints.md) - API client perspective - [Scaling](scaling.md) - Infrastructure scaling - [Load Balancing](load-balancing.md) - Traffic distribution