The Connection Limit Provider governs how many connections a user may have open simultaneously.
There are two points in the hierarchy at which connection limits are enforced: the Broker itself and each Virtual Host. When a limit needs to be checked, every check point that has a provider configured is consulted for a decision. For example, when deciding whether a new connection may be opened, the limits are first checked by the Connection Limit Provider configured on the Virtual Host, if there is one. Unless that provider rejects the connection, the decision is delegated to the Connection Limit Provider configured on the Broker.
A Connection Limit Provider is configured with a set of CLT (connection limit) rules. The rules determine how many connections a user may have open at once, and how often the user may open new ones, on the AMQP ports.
CLT rules may be written in terms of user or group names. A rule written in terms of a group name applies to a user if that user is a member of the group. Group information is obtained from the Authentication Providers and Group Providers. Writing CLT rules in terms of user names is recommended.
Connection Limit Providers can be configured using the REST management interface and the Web Management Console.
There are currently two types of Connection Limit Provider implementing CLT rules:
RulesBased - a provider that stores the rule set within the Broker's or Virtual Host's configuration.
ConnectionLimitFile - a provider that references an externally provided CLT file (or data URL).
A CLT rule is composed of a user or group identification, an AMQP port name and the connection limits. Let's look at an example.
# Limits the connections alice may have open simultaneously on the brokerAmqp port to 10.
CLT alice port=brokerAmqp connection_limit=10
If there are multiple rules for a given user (or group), the rules are merged into a single, most restrictive rule. For example:
CLT alice port=brokerAmqp connection_limit=10
CLT alice port=brokerAmqp connection_limit=12 connection_frequency_limit=60/1m
CLT alice port=brokerAmqp connection_frequency_limit=100/1m
The rules above are merged into the following effective rule (the lower connection limit and the lower frequency limit win):
CLT alice port=brokerAmqp connection_limit=10 connection_frequency_limit=60/1m
The rules are applied in the following order:
The effective rule for the given user.
The effective rule for the set of groups that the user is a member of.
The default rule, a rule with the user ALL that matches any user.
The Broker first looks for a rule for the given user. If no user rule is found, it looks for rules for the user's groups. If no group rule is found either, it looks for the default rule. A user for whom no rule is found is not restricted.
Connection limit rules follow this syntax:
CLT {<user-name>|<group-name>|ALL} [BLOCK] [port=<AMQP-port-name>|ALL] [property="<property-value>"]
A rule with the user name ALL is the default rule. Likewise, a rule with port=ALL applies to all ports. The optional BLOCK parameter marks a user or group that is not allowed to connect on the port at all.
Comments are introduced with the hash (#) character and are ignored. A line can be continued on the next line by ending it with a backslash (\) character.
# A comment
CLT alice port=brokerAMQP connection_limit=10 # Also a comment
CLT mark port=brokerAMQP \ # A broken line
    connection_limit=10 \
    connection_frequency_limit=60/1m
CLT ALL BLOCK # A default rule
Table 8.6. List of connection limit (CLT) properties

connection_limit
    Integer. The maximum number of connections the messaging user can have established to the Virtual Host on the AMQP port. Alternatives: connection-limit, connectionLimit.

connection_frequency_limit
    The maximum number of connections the messaging user can establish to the Virtual Host on the AMQP port within a defined period of time, which is 1 minute by default. The connection frequency limit is specified in the format limit/period, where the period is written as xHyMz.wS: x hours, y minutes and z.w seconds. When the period is exactly 1 hour, minute or second the digit 1 can be omitted, for example 7200/H, 120/M or 2/S. Note that 7200/H, 120/M and 2/S are not the same frequency limit, even though they describe the same average rate: the period over which connections are counted differs, so 7200/H tolerates a much larger burst than 2/S. If the period is omitted, the default frequency period is used. If required, the default frequency period can be changed using the CONFIG command; see the example below. Setting the limit to zero or a negative value turns off the connection frequency evaluation. Alternatives: connection-frequency-limit, connectionFrequencyLimit.

port
    String. The AMQP port name; ALL is the default value.
The default time period for the frequency limit can be set with the CONFIG command. The default frequency period is specified in milliseconds:
CONFIG default_frequency_period=60000
default-frequency-period and defaultFrequencyPeriod are valid alternatives to default_frequency_period.
The default frequency period may also be specified with the context variable qpid.broker.connectionLimiter.frequencyPeriodInMillis.
The Broker logs rejected connections when a user breaks a limit. It can also log accepted connections together with the current counter value. This full logging can be turned on with the CONFIG command:
CONFIG log_all=true default_frequency_period=60000
log-all and logAll are valid alternatives to log_all.
Here are some examples of connection limits illustrating common use cases.
Suppose you wish to restrict two users: user operator can establish at most 50 connections on any port, and user publisher can establish 30 new connections per two minutes but at most 20 parallel connections on the amqp port. All other users should be blocked.
Example 8.6. CLT file example
# Limit operator
CLT operator connection_limit=50
# Limit publisher
CLT publisher port=amqp connection_frequency_limit=30/2M connection_limit=20
# Block all users by default
CLT ALL BLOCK
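The rule syntax, the merge into a single most restrictive rule, and the user-then-groups-then-ALL resolution order described above, worked through in code. This is an added example written for this page, not Qpid Broker-J's own parser or limiter. The page does not spell out how a subject's port=ALL and port-specific rules combine, nor how two frequency limits with different periods compare, so the choices made here (merge every rule whose port matches; the lower rate is the stricter limit) are assumptions, as is the `>=` comparison in the decision. The sample CLT text is constructed from the alice merge example and Example 8.6 above.

```python
import re
import shlex
from dataclasses import dataclass, field
from typing import Optional

MS_PER = {"H": 3_600_000, "M": 60_000, "S": 1_000}

def parse_period_ms(text: str) -> int:
    """'xHyMz.wS' -> milliseconds; a unit without a digit means 1 (as in 7200/H)."""
    m = re.fullmatch(r"(\d*H)?(\d*M)?(\d*(?:\.\d+)?S)?", text, re.I)
    if not text or m is None:
        raise ValueError(f"bad frequency period {text!r}")
    return int(round(sum((float(p[:-1]) if p[:-1] else 1.0) * MS_PER[p[-1].upper()]
                         for p in m.groups() if p)))

def norm_key(key: str) -> str:  # connection-limit / connectionLimit -> connection_limit
    return re.sub(r"(?<=[a-z0-9])(?=[A-Z])", "_", key).replace("-", "_").lower()

@dataclass
class Rule:
    subject: str                               # user name, group name or ALL
    port: str = "ALL"
    block: bool = False
    connection_limit: Optional[int] = None     # None: unlimited open connections
    frequency_count: Optional[int] = None      # None: frequency check switched off
    frequency_period_ms: Optional[int] = None  # None: use the CONFIG default

@dataclass
class RuleSet:
    rules: list = field(default_factory=list)
    config: dict = field(default_factory=dict)  # CONFIG options, keys normalised

def parse_clt(text: str) -> RuleSet:
    rs, pending = RuleSet(), []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()    # '#' starts a comment
        pending.append(line.rstrip("\\"))
        if line.endswith("\\"):                # trailing backslash continues the line
            continue
        tokens, pending = shlex.split(" ".join(pending)), []   # honours "quoted values"
        if not tokens:                         # blank or comment-only line
            continue
        pairs = [(norm_key(k), v) for k, _, v in (t.partition("=") for t in tokens[1:])]
        if tokens[0].upper() == "CONFIG":
            rs.config.update(pairs)
            continue
        if tokens[0].upper() != "CLT" or len(tokens) < 2:
            raise ValueError(f"cannot parse {raw!r}")
        rule = Rule(subject=tokens[1])
        for key, value in pairs[1:]:           # pairs[0] is the user/group name
            if key == "block":
                rule.block = True
            elif key == "port":
                rule.port = value
            elif key == "connection_limit":
                rule.connection_limit = int(value)
            elif key == "connection_frequency_limit":
                count, _, period = value.partition("/")
                if int(count) > 0:             # zero or negative turns the check off
                    rule.frequency_count = int(count)
                    rule.frequency_period_ms = parse_period_ms(period) if period else None
            else:
                raise ValueError(f"unknown CLT property {key!r}")
        rs.rules.append(rule)
    return rs

def merge(rules, port: str, default_period_ms: int) -> Rule:
    """Fold the matching rules of one subject into the single most restrictive rule."""
    out = Rule(subject=rules[0].subject, port=port)
    for r in rules:
        out.block = out.block or r.block
        if r.connection_limit is not None:
            out.connection_limit = min(x for x in (out.connection_limit, r.connection_limit) if x is not None)
        if r.frequency_count is not None:
            period = r.frequency_period_ms or default_period_ms
            # Assumption: when periods differ, the lower rate counts as the stricter limit.
            if (out.frequency_count is None
                    or r.frequency_count / period < out.frequency_count / out.frequency_period_ms):
                out.frequency_count, out.frequency_period_ms = r.frequency_count, period
    return out

def effective_rule(rs: RuleSet, user: str, groups, port: str) -> Optional[Rule]:
    """Resolution order: the user's rules, then the user's groups, then ALL; None = unrestricted."""
    for subjects in ((user,), tuple(groups), ("ALL",)):
        hits = [r for r in rs.rules if r.subject in subjects and r.port in ("ALL", port)]
        if hits:
            return merge(hits, port, int(rs.config.get("default_frequency_period", 60_000)))
    return None

def may_connect(rule: Optional[Rule], open_now: int, opened_in_period: int) -> bool:
    if rule is None:                           # no matching rule: not restricted
        return True
    return not (rule.block
                or (rule.connection_limit is not None and open_now >= rule.connection_limit)
                or (rule.frequency_count is not None and opened_in_period >= rule.frequency_count))

SAMPLE_CLT = """\
CONFIG log_all=true default_frequency_period=60000
CLT alice port=brokerAmqp connection_limit=10
CLT alice port=brokerAmqp connection_limit=12 connection_frequency_limit=60/1m
CLT alice port=brokerAmqp connection_frequency_limit=100/1m
CLT operator connection_limit=50
CLT publisher port=amqp \\ # a broken line
    connection_frequency_limit=30/2M connection_limit=20
CLT ALL BLOCK
"""
```

Calling `effective_rule(parse_clt(SAMPLE_CLT), "alice", [], "brokerAmqp")` yields the merged rule from the text (connection_limit=10, 60 connections per 60000 ms). The resolution order has a consequence worth checking in your own files: `publisher` has a rule only for port `amqp`, so on any other port no user or group rule matches and the `CLT ALL BLOCK` default applies, which rejects the connection.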
Apache Qpid, Messaging built on AMQP; Copyright © 2015 The Apache Software Foundation; Licensed under the Apache License, Version 2.0; Apache Qpid, Qpid, Qpid Proton, Proton, Apache, the Apache feather logo, and the Apache Qpid project logo are trademarks of The Apache Software Foundation; All other marks mentioned may be trademarks or registered trademarks of their respective owners