Agree with Koushik here. -min
Sent from my iPhone On Dec 20, 2012, at 1:34 AM, "Koushik Das" <[email protected]> wrote: > All the APIs are independent so even if some are not allowed due to limit > getting reached there shouldn't be any inconsistency in the DB/hypervisors. > But this needs to be handled properly in the UI. > > Thanks, > Koushik > >> -----Original Message----- >> From: Ram Ganesh [mailto:[email protected]] >> Sent: Thursday, December 20, 2012 2:53 PM >> To: [email protected] >> Subject: RE: [DISCUSS]API request throttling >> >> How do we characterize the behaviour for a UI/self-service portal user? A >> single UI screen can result anywhere from 1 to N API requests. Would it not >> lead CloudStack to some inconsistent state? What if the UI configuration >> spans time duration window? >> >> Thanks, >> RamG >> >>> -----Original Message----- >>> From: Min Chen [mailto:[email protected]] >>> Sent: 20 December 2012 00:19 >>> To: [email protected] >>> Subject: [DISCUSS]API request throttling >>> >>> Hi all, >>> >>> Currently, the legitimate users of CloudStack can occasionally hammer >>> the server with heavy API requests that cause undesirable results, >>> like killing the server, performance issues for other CloudStack users. >>> Also, it may become a mechanism for certain malicious users to do >>> malicious attacks to CloudStack service to cause cloud outage. To >>> prevent certain things happen, we would like to introduce API request >>> throttling feature to limit number of APIs that can be placed by each >>> account within certain time duration and will block API requests if >>> the account is over the limit so that he/she have to retry later. The >>> detailed FS can be found at >>> >> https://cwiki.apache.org/confluence/display/CLOUDSTACK/API+Request+Th >> r >>> o >>> ttling. >>> >>> Please let me know any comments and suggestions. >>> >>> Thanks >>> -min
