Add proposal for tenant limits API #6818
Conversation
|
Hello, this has been something that has been bothering me and my team for a while. |
Signed-off-by: Bogdan Stancu <[email protected]>
Signed-off-by: Bogdan Stancu <[email protected]>
Signed-off-by: Bogdan Stancu <[email protected]>
bogdan-at-adobe
force-pushed
the
limits-api-proposal
branch
from
2ca6d4b to
e2eca89
Compare
| } | ||
| ``` | ||
|
|
||
| #### 2. PUT /api/v1/user-limits |
There was a problem hiding this comment.
The limits are managed by the runtime-config which is either stored on a volume backed by a config map or in from an S3/gcs/azure bucket.
- How would this API work in the former case?
There was a problem hiding this comment.
The end goal is to remove admin intervention for user limits. My initial idea was writing to either the config map or the s3/gcs/azure bucket but I'm not 100% sure of all the implications, other than requiring more access.
There was a problem hiding this comment.
Good question. @bogdan-at-adobe Configmap are normally readonly. Put it in the spec that the API will not support configmaps, only block storage backends.
| ### Endpoints | ||
|
|
||
| #### 1. GET /api/v1/user-limits | ||
| Returns the current limits configuration for a specific tenant. |
There was a problem hiding this comment.
Currently the limits are loaded periodically in an interval. Would this API read the config directly from storage?
There was a problem hiding this comment.
I think reading from the currently loaded config is fine enough for this. Using the api to make changes will also trigger a reload of the loaded limits so the only issue I see would be changing the config manually and waiting for it to get reloaded which will lead to a wrong answer from the api for 10 seconds max (assuming the default), change that is probably made by an admin and is aware of this implication. I might be wrong on this. GET /runtime_config endpoint makes the same assumptions.
There was a problem hiding this comment.
I think the answer is yes, s3 is our only source of truth. Similar to how Alertmanager cortex API works.
|
|
||
| ### Endpoints | ||
|
|
||
| #### 1. GET /api/v1/user-limits |
There was a problem hiding this comment.
Which component in Cortex will serve this API? Maybe a new admin service in Cortex for this purpose?
There was a problem hiding this comment.
as @friedrichg said
We already have a component that reads limits, so it's perfect for this use case.
So my guess is that the cortex-overrides is a good place. Looking at the fact that the GET /runtime_config is on all components I don't see a reason why the limits api wouldn't be the same though.
There was a problem hiding this comment.
We only want this in the cortex overrides, no need to put In the other components.
Signed-off-by: Bogdan Stancu <[email protected]>
bogdan-at-adobe
force-pushed
the
limits-api-proposal
branch
from
7990645 to
3544ba3
Compare
What this PR does:
This PR adds a proposal for a tenant limits API.
Which issue(s) this PR fixes:
Fixes #
Checklist
CHANGELOG.mdupdated - the order of entries should be[CHANGE],[FEATURE],[ENHANCEMENT],[BUGFIX]