Documentation
¶
Overview ¶
Package limits enforces the runtime safety rails that bound one client's or one database's share of the server: a per-principal request rate limit (token bucket) and a per-database concurrency cap (so one hot database can't starve the others). The result caps and statement/transaction timeouts live in the engine and session store; this package is the admission control in front of them.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Limiter ¶
type Limiter struct {
// contains filtered or unexported fields
}
Limiter admits or rejects a request before it reaches the engine. The zero value (via New with non-positive limits) admits everything, so limits are opt-in.
func New ¶
New builds a Limiter. perPrincipalRPS<=0 disables rate limiting; maxConcurrentPerDB<=0 disables the concurrency cap.
func (*Limiter) Allow ¶
Allow reserves capacity for one request by principal against db. On success it returns a release func that MUST be called when the request finishes (it frees the per-db concurrency slot); ok=false means the request is rejected — reason is "rate" (per-principal rate exceeded) or "busy" (per-db concurrency cap reached), so the caller can map it to 429 vs 503.