Maybe we can finally stopped the UI for DDOSing us with those getJobStatus requests. ;)
--alex > -----Original Message----- > From: Ram Ganesh [mailto:[email protected]] > Sent: Thursday, December 20, 2012 1:23 AM > To: [email protected] > Subject: RE: [DISCUSS]API request throttling > > How do we characterize the behaviour for a UI/self-service portal user? A > single UI screen can result anywhere from 1 to N API requests. Would it not > lead CloudStack to some inconsistent state? What if the UI configuration > spans time duration window? > > Thanks, > RamG > > > -----Original Message----- > > From: Min Chen [mailto:[email protected]] > > Sent: 20 December 2012 00:19 > > To: [email protected] > > Subject: [DISCUSS]API request throttling > > > > Hi all, > > > > Currently, the legitimate users of CloudStack can occasionally hammer > > the server with heavy API requests that cause undesirable results, like > > killing the server, performance issues for other CloudStack users. > > Also, it may become a mechanism for certain malicious users to do > > malicious attacks to CloudStack service to cause cloud outage. To > > prevent certain things happen, we would like to introduce API request > > throttling feature to limit number of APIs that can be placed by each > > account within certain time duration and will block API requests if the > > account is over the limit so that he/she have to retry later. The > > detailed FS can be found at > > > https://cwiki.apache.org/confluence/display/CLOUDSTACK/API+Request+Th > ro > > ttling. > > > > Please let me know any comments and suggestions. > > > > Thanks > > -min
