From 0161df44783c4ab19f14edeaa3c5148b56255c9a Mon Sep 17 00:00:00 2001 From: Gyubong Lee Date: Fri, 26 Apr 2024 06:49:09 +0000 Subject: [PATCH 1/4] 04-25-DDoS_prevention_for_anonymous_manager_API_requests --- ddos.py | 13 +++++++++++++ run-backend.ai.sh | 33 +++++++++++++++++++++++++++++++++ test.py | 11 +++++++++++ 3 files changed, 57 insertions(+) create mode 100644 ddos.py create mode 100755 run-backend.ai.sh create mode 100644 test.py diff --git a/ddos.py b/ddos.py new file mode 100644 index 0000000000..a8ad262473 --- /dev/null +++ b/ddos.py @@ -0,0 +1,13 @@ +import requests +import threading + +def send_request(): + response = requests.get('http://192.168.0.126:8091') + print(response) + print(response.headers) + + +# threading.Thread(target=send_request).start() + +for i in range(300): # Adjust this value based on your needs + threading.Thread(target=send_request).start() diff --git a/run-backend.ai.sh b/run-backend.ai.sh new file mode 100755 index 0000000000..cc9594f8e0 --- /dev/null +++ b/run-backend.ai.sh @@ -0,0 +1,33 @@ +#!/bin/sh + +# Use current Shell as API Mode +tmux rename-window API-Mode + +# Session Mode +tmux new-window +tmux rename-window Session-Mode + +# Manager +tmux new-window +tmux rename-window manager + +# Agent +tmux new-window +tmux rename-window agent + +# Storage +tmux new-window +tmux rename-window storage + +# Web UI +tmux new-window +tmux rename-window web + +sleep 2 + +tmux send-keys -t manager './backend.ai mgr start-server --debug' Enter +tmux send-keys -t agent './backend.ai ag start-server --debug' Enter +tmux send-keys -t storage './py -m ai.backend.storage.server' Enter +tmux send-keys -t web './py -m ai.backend.web.server' Enter +tmux send-keys -t API-Mode 'source env-local-admin-api.sh' Enter +tmux send-keys -t Session-Mode 'source env-local-admin-session.sh' Enter diff --git a/test.py b/test.py new file mode 100644 index 0000000000..4d1d75a529 --- /dev/null +++ b/test.py @@ -0,0 +1,11 @@ +from ai.backend.client.session import Session + + +def test(): + with Session() as session: + result = session.RateLimit.get_hot_anonymous_clients() + print(result) + + +if __name__ == "__main__": + test() \ No newline at end of file From 755bf36c091cc17202ea83f054d8a8475ee9c3ff Mon Sep 17 00:00:00 2001 From: Gyubong Lee Date: Thu, 25 Apr 2024 07:50:05 +0000 Subject: [PATCH 2/4] Move `anonymous_ratelimit` to shared_config --- src/ai/backend/manager/api/ratelimit.py | 2 +- src/ai/backend/manager/config.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/ai/backend/manager/api/ratelimit.py b/src/ai/backend/manager/api/ratelimit.py index d0875063ac..aad8145de4 100644 --- a/src/ai/backend/manager/api/ratelimit.py +++ b/src/ai/backend/manager/api/ratelimit.py @@ -81,7 +81,7 @@ async def rlim_middleware( return response else: root_ctx: RootContext = app["_root.context"] - rate_limit = root_ctx.local_config["manager"]["anonymous-ratelimit"] + rate_limit = root_ctx.shared_config["anonymous_ratelimit"] ip_address = get_client_ip(request) diff --git a/src/ai/backend/manager/config.py b/src/ai/backend/manager/config.py index a1ebbd23c0..d3d60d1fee 100644 --- a/src/ai/backend/manager/config.py +++ b/src/ai/backend/manager/config.py @@ -293,7 +293,6 @@ "agent-selection-resource-priority", default=["cuda", "rocm", "tpu", "cpu", "mem"], ): t.List(t.String), - t.Key("anonymous-ratelimit", default=None): t.Null | t.ToInt, t.Key("importer-image", default="lablup/importer:manylinux2010"): t.String, t.Key("max-wsmsg-size", default=16 * (2**20)): t.ToInt, # default: 16 MiB tx.AliasedKey(["aiomonitor-termui-port", "aiomonitor-port"], default=48100): t.ToInt[ @@ -474,6 +473,7 @@ def container_registry_serialize(v: dict[str, Any]) -> dict[str, str]: ): session_hang_tolerance_iv, }, ).allow_extra("*"), + t.Key("anonymous_ratelimit", default=None): t.Null | t.ToInt, }).allow_extra("*") _volume_defaults: dict[str, Any] = { From 0e6c7c9d59559afd453d1403669e8fd948bac26f Mon Sep 17 00:00:00 2001 From: Gyubong Lee Date: Fri, 26 Apr 2024 05:22:49 +0000 Subject: [PATCH 3/4] chore: Add fragment --- changes/2067.feature.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 changes/2067.feature.md diff --git a/changes/2067.feature.md b/changes/2067.feature.md new file mode 100644 index 0000000000..0892913eb8 --- /dev/null +++ b/changes/2067.feature.md @@ -0,0 +1 @@ +Move `anonymous_ratelimit` to shared_config \ No newline at end of file From 8a127d8d186239fee2e2df9acf2c8263fbf33341 Mon Sep 17 00:00:00 2001 From: Gyubong Lee Date: Fri, 26 Apr 2024 07:38:46 +0000 Subject: [PATCH 4/4] chore: Delete unrelateds --- ddos.py | 13 ------------- run-backend.ai.sh | 33 --------------------------------- test.py | 11 ----------- 3 files changed, 57 deletions(-) delete mode 100644 ddos.py delete mode 100755 run-backend.ai.sh delete mode 100644 test.py diff --git a/ddos.py b/ddos.py deleted file mode 100644 index a8ad262473..0000000000 --- a/ddos.py +++ /dev/null @@ -1,13 +0,0 @@ -import requests -import threading - -def send_request(): - response = requests.get('http://192.168.0.126:8091') - print(response) - print(response.headers) - - -# threading.Thread(target=send_request).start() - -for i in range(300): # Adjust this value based on your needs - threading.Thread(target=send_request).start() diff --git a/run-backend.ai.sh b/run-backend.ai.sh deleted file mode 100755 index cc9594f8e0..0000000000 --- a/run-backend.ai.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/sh - -# Use current Shell as API Mode -tmux rename-window API-Mode - -# Session Mode -tmux new-window -tmux rename-window Session-Mode - -# Manager -tmux new-window -tmux rename-window manager - -# Agent -tmux new-window -tmux rename-window agent - -# Storage -tmux new-window -tmux rename-window storage - -# Web UI -tmux new-window -tmux rename-window web - -sleep 2 - -tmux send-keys -t manager './backend.ai mgr start-server --debug' Enter -tmux send-keys -t agent './backend.ai ag start-server --debug' Enter -tmux send-keys -t storage './py -m ai.backend.storage.server' Enter -tmux send-keys -t web './py -m ai.backend.web.server' Enter -tmux send-keys -t API-Mode 'source env-local-admin-api.sh' Enter -tmux send-keys -t Session-Mode 'source env-local-admin-session.sh' Enter diff --git a/test.py b/test.py deleted file mode 100644 index 4d1d75a529..0000000000 --- a/test.py +++ /dev/null @@ -1,11 +0,0 @@ -from ai.backend.client.session import Session - - -def test(): - with Session() as session: - result = session.RateLimit.get_hot_anonymous_clients() - print(result) - - -if __name__ == "__main__": - test() \ No newline at end of file