Istio with Knative

#1

I need to restrict request limit . Requested should be restricted after certain number of time.

Things performed : ->
I have created service on knative & applied virtual service on it. As part of virtual service , i am creating destination rule as well.

Testing -> Service & virtual service is working fine , but destination rule to restrict number of http request is not working.

I have tried to send request 1 after another for 11 time , but still it accepts. It look like , http2MaxRequest is to limit concurrent request (at the same time) .

Destination rule code ->
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: route-policy
spec:
host: istio-ingressgateway.istio-system.svc.cluster.local
trafficPolicy:
connectionPool:
tcp:
maxConnections: 10
http:
http2MaxRequests: 10
maxRequestsPerConnection: 1
outlierDetection:
consecutiveErrors: 1
interval: 5m
baseEjectionTime: 15m

Let me know , if this is ok . or Is there any other way , i can restrict request

#2

Please find the service yaml file , where i am allowing concurrent request per pod

apiVersion: serving.knative.dev/v1alpha1 # Current version of Knative
kind: Service
metadata:
name: ping-service # The name of the app
namespace: default # The namespace the app will use
spec:
runLatest:
configuration:
revisionTemplate:
metadata:
annotations:
autoscaling.knative.dev/minScale: “0”
autoscaling.knative.dev/maxScale: “5”
spec:
containerConcurrency: 15
container:
image: docker.io/modassarrana/ping:v3 # The URL to the image of the app