The ngx_http_limit_conn_module
module limits the number of connections per
defined key. The main directives include limit_conn_zone
and
limit_conn
.
The limit_conn_zone
directive sets parameters for a shared memory zone
that keeps states for various keys. A state is the current number of
connections. The key value can contain text, variables, and their combination.
The requests with an empty key value are not accounted.
Syntax | limit_conn_zone key zone=name:size; |
---|---|
Default | — |
Context | HTTP |
NGINX configuration sample | limit_conn_zone $binary_remote_addr zone=global_limit_conn_zone:20m;
limit_conn_zone $binary_remote_addr zone=openstack_web_conn_zone:10m;
|
The limit_conn
directive sets the shared memory zone and the maximum
allowed number of connections for a given key value. When this limit is
exceeded, the server returns the error in reply to a request.
Syntax | limit_conn zone number; |
---|---|
Default | — |
Context | HTTP, server, location |
NGINX configuration sample | limit_conn global_limit_conn_zone 100;
limit_conn_status 429;
|
Example of a Salt pillar with limit_conn_zone and limit_conn:
nginx:
server:
limit_conn_module:
limit_conn_zone:
global_limit_conn_zone:
key: 'binary_remote_addr'
size: 20m
enabled: true
api_keystone_conn_zone:
key: 'binary_remote_addr'
size: 10m
enabled: true
limit_conn:
global_limit_conn_zone:
connections: 100
enabled: true
limit_conn_status: 429
To apply the connection limiting to a particular site, define limit_conn
on a site level. For example:
nginx:
server:
site:
nginx_proxy_openstack_api_keystone:
limit_conn_module:
limit_conn_status: 429
limit_conn:
api_keystone_conn_zone:
connections: 50
enabled: true