Kong · lena-larionova · Dec 9, 2024 · Nov 19, 2024 · Nov 20, 2024 · Nov 21, 2024
@@ -26,6 +26,11 @@ You can also create a generic prompt rate limit using the [request prompt provid
       -  If the rate limit is reached, the next request will be blocked
     * Known limitation: The disable penalty only works for the `requestPrompt` provider.
 
+## Choosing a rate limiting plugin
+
+Kong provides multiple rate limiting plugins. Choose one to fit your use case:
+
+{% include /md/plugins-hub/rl-table.md %}
 
 ## Headers sent to the client
 

@@ -35,6 +35,12 @@ As compared to the standard Rate Limiting plugin, Rate Limiting Advanced provide
   which could lead to `no memory` errors.
 {% endif_version %}
 
+## Choosing a rate limiting plugin
+
+Kong provides multiple rate limiting plugins. Choose one to fit your use case:
+
+{% include /md/plugins-hub/rl-table.md %}
+
 ## Headers sent to the client
 
 When this plugin is enabled, Kong sends some additional headers back to the client

@@ -15,6 +15,13 @@ provides the ability to apply
 > **Note:** At least one limit (`second`, `minute`, `hour`, `day`, `month`, `year`) must be configured. 
 Multiple limits can be configured.
 
+## Choosing a rate limiting plugin
+
+Kong provides multiple rate limiting plugins. Choose one to fit your use case:
+
+{% include /md/plugins-hub/rl-table.md %}
+
+
 ## Headers sent to the client
 
 When this plugin is enabled, Kong sends additional headers

@@ -0,0 +1,5 @@
+## Changelog
+
+### {{site.base_gateway}} 3.9.x
+
+* Introduced the Service Protection plugin.
@@ -0,0 +1,28 @@
+# This file sets metadata for an individual Kong plugin.
+# View the full instructions for documenting a plugin
+# at https://docs.konghq.com/contributing/kong-plugins
+
+name: Service Protection
+
+publisher: Kong Inc.
+
+type: plugin
+
+categories: 
+  - traffic-control
+
+desc: Prevent abuse and protect services with absolute limits on the number of requests reaching the service
+
+free: false
+
+enterprise: true
+
+konnect: true
+
+network_config_opts: all
+
+notes: |
+  This plugin doesn't support cluster policies. 
+  If you want to use this plugin in hybrid mode or in Konnect, use Redis for storage.
+
+dbless_compatible: yes
@@ -0,0 +1,111 @@
+---
+nav_title: Setting rate limits on multiple entities
+title: Setting rate limits on multiple entities
+---
+
+A common use case for the Service Protection plugin is to use it in conjunction with other rate limiting plugins. 
+This lets you set granular protections on your services, routes, and so on.
+
+The follow examples show you how you could use the Service Protection plugin and the Rate Liming Advanced plugin together to apply
+different rate limits to different services.
+
+## Set up the Rate Limiting Advanced plugin
+
+Enable the Rate Limiting Advanced plugin on a route.
+
+1. Create a service:
+    ```sh
+    curl -i -s -X POST http://localhost:8001/services \
+        --data name=rla_example_service \
+        --data url='http://httpbin.org'
+    ```
+
+2. Create a route
+    ```sh
+    curl -i -X POST http://localhost:8001/services/rla_example_service/routes \
+        --data 'paths[]=/rla_mock' \
+        --data name=rla_route
+    ```
+
+3. Enable the Rate Limiting Advanced plugin on the route:
+    ```sh
+    curl -X POST http://localhost:8001/routes/rla_route/plugins \
+        --header "accept: application/json" \
+        --header "Content-Type: application/json" \
+        --data '{
+                "name": "rate-limiting-advanced",
+                "config": {
+                    "limit": [
+                    5
+                    ],
+                    "window_size": [
+                    30
+                    ],
+                    "identifier": "consumer",
+                    "sync_rate": -1,
+                    "namespace": "rla_example_namespace",
+                    "strategy": "local",
+                    "hide_client_headers": false
+            }
+        }'
+    ```
+
+
+## Set up the Service Protection plugin
+
+Create another service and route, and attach the Service Protection plugin to the service.
+
+1. Create a service:
+    ```sh
+    curl -i -s -X POST http://localhost:8001/services \
+        --data name=sp_example_service \
+        --data url='http://httpbin.org'
+    ```
+
+2. Create a route:
+    ```sh
+    curl -i -X POST http://localhost:8001/services/sp_example_service/routes \
+    --data 'paths[]=/sp_mock' \
+    --data name=sp_route
+    ```
+
+3. Enable the Service Protection plugin:
+    ```sh
+    curl -X POST http://localhost:8001/services/sp_example_service/plugins/ \
+        --header "accept: application/json" \
+        --header "Content-Type: application/json" \
+        --data '
+            {
+            "name": "service-protection",
+            "config": {
+                "limit": [
+                10
+                ],
+                "window_size": [
+                45
+                ],
+                "sync_rate": -1,
+                "namespace": "sp_example_namespace",
+                "strategy": "local",
+                "hide_client_headers": false
+        }
+        }'
+    ```
+
+## Validate
+
+Verify that the Rate Limiting Advanced plugin and the Service Protection plugin are applying separate limits.
+
+1. Verify the Rate Limiting Advanced plugin:
+    ```sh
+    curl -i http://localhost:8000/rla_mock/anything
+
+    for _ in {1..6}; do curl -s -i localhost:8000/rla_mock/anything; echo; sleep 1; done
+    ```
+
+2. Verify the Service Protection plugin:
+    ```sh
+    curl -i http://localhost:8000/sp_mock/anything
+
+    for _ in {1..10}; do curl -s -i localhost:8000/sp_mock/anything; echo; sleep 1; done
+    ```
@@ -0,0 +1,58 @@
+---
+nav_title: Overview
+title: Overview
+---
+
+Set absolute maximum rate limits for services using the Service Protection plugin. 
+You can use this plugin together with other rate limiting plugins to apply granular rate limits based on different entities.
+
+If you want to apply global rate limits or apply rate limits to routes and consumers, see the following other rate limiting plugins:
+
+{% include /md/plugins-hub/rl-table.md %}
+
+The Service Protection plugin uses the same [Rate Limiting Library](/gateway/latest/reference/rate-limiting/) as the other rate limiting plugins.
+
+## FAQs
+
+<details><summary>Does the Service Protection plugin replace the Rate Limiting or Rate Limiting Advanced plugins?</summary>
+
+{% capture rl_plugins_replace %}
+No. The Service Protection plugin only rate limits services. You can still use the Rate Limiting and Rate Limiting Advanced 
+plugins to rate limit other entities, like consumers and routes. 
+{% endcapture %}
+
+{{ rl_plugins_replace | markdownify }}
+
+</details>
+
+<details><summary>Can I use the Service Protection plugin with other rate limiting plugins?</summary>
+
+{% capture rl_plugins_compatibility %} 
+Yes. You can rate limit a service with the Service Protection plugin, then rate limit routes, consumers, or consumer groups
+with the other rate limiting plugins. 
+
+{:.note}
+> **Note:** We don’t recommend using multiple rate limiting plugins on the same **service only**.
+We recommend applying Service Protection on the service, and Rate Limiting (or Rate Limiting Advanced) on the service/consumer pair, for more granular rate limits.
+
+{% endcapture %}
+
+{{ rl_plugins_compatibility | markdownify }}
+
+</details>
+
+<details><summary>When would I use the Service Protection plugin with other rate limiting plugins?</summary>
+
+{% capture rl_plugins_use_cases %}
+You should use the Service Protection plugin to rate limit your services and use the other rate limiting plugins to limit other entities, 
+like consumers or routes, or to apply global rate limits. 
+{% endcapture %}
+
+{{ rl_plugins_use_cases | markdownify }}
+
+</details>
+
+## Get started with the Service Protection plugin
+
+* [Configuration reference](/hub/kong-inc/service-protection/configuration/)
+* [Basic configuration example](/hub/kong-inc/service-protection/how-to/basic-example/)
@@ -0,0 +1,4 @@
+strategy: gateway
+
+releases:
+  minimum_version: 3.9.x
@@ -0,0 +1,6 @@
+Plugin | Description | Service | Route | Consumer | Consumer Group
+-------|-------------|---------|-------|----------|----------------
+[Service Protection](/hub/kong-inc/service-protection/) | Apply absolute rate limits to services. | <i class="fa fa-check"></i> | <i class="fa fa-times"></i> | <i class="fa fa-times"></i> | <i class="fa fa-times"></i>
+[Rate Limiting](/hub/kong-inc/rate-limiting/) | Rate limit services, consumers, and routes or apply global rate limits. | <i class="fa fa-check"></i>  | <i class="fa fa-check"></i>  | <i class="fa fa-check"></i>  | <i class="fa fa-check"></i> 
+[Rate Limiting Advanced](/hub/kong-inc/rate-limiting-advanced/) | Rate limit services, consumers, and routes or apply global rate limits. The Rate Limiting Advanced plugin extends the functionality of the Rate Limiting plugin by providing advanced tuning settings and the ability to apply multiple limits in sliding or fixed windows. | <i class="fa fa-check"></i>  | <i class="fa fa-check"></i>  | <i class="fa fa-check"></i>  | <i class="fa fa-check"></i> 
+[AI Rate Limiting Advanced](/hub/kong-inc/ai-rate-limiting-advanced/) | Apply rate limits to traffic from LLMs. This plugin extends Rate Limiting Advanced with AI functionality. | <i class="fa fa-check"></i>  | <i class="fa fa-check"></i>  | <i class="fa fa-check"></i>  | <i class="fa fa-check"></i>