This document lists the quotas and limits that apply to Media CDN.
A quota restricts how much of a shared Google Cloud resource your Google Cloud project can use, including hardware, software, and network components. Therefore, quotas are a part of a system that does the following:
- Monitors your use or consumption of Google Cloud products and services.
- Restricts your consumption of those resources, for reasons that include ensuring fairness and reducing spikes in usage.
- Maintains configurations that automatically enforce prescribed restrictions.
- Provides a means to request or make changes to the quota.
In most cases, when a quota is exceeded, the system immediately blocks access to the relevant Google resource, and the task that you're trying to perform fails. In most cases, quotas apply to each Google Cloud project and are shared across all applications and IP addresses that use that Google Cloud project.
There are also limits on Media CDN resources. These limits are unrelated to the quota system. Limits cannot be changed unless otherwise stated.
Limits
Configuration
| Item | Limits | Notes |
|---|---|---|
Maximum number of EdgeCacheService |
20 per project | Contact your Google Cloud sales team if you need to increase this limit. |
Maximum number of EdgeCacheOrigin |
30 per project | Contact your Google Cloud sales team if you need to increase this limit. |
Maximum number of EdgeCacheKeyset |
10 per project | Contact your Google Cloud sales team if you need to increase this limit. |
Maximum number of RouteRules per
EdgeCacheService |
2000 | Each This limit cannot be increased. |
| Maximum SSL certificates per Service | 5 | This limit cannot be increased. Also refer to the per project quota for SSL certificates. |
Maximum number of public keys per
EdgeCacheKeyset |
3 | This limit cannot be increased. Multiple keys in a Keyset are designed to enable key rotation: you should remove older and unused keys over time. |
Maximum number of validation shared keys per
EdgeCacheKeyset |
3 | This limit cannot be increased. Multiple keys in a Keyset are designed to enable key rotation: you should remove older and unused keys over time. |
HTTP headers, requests, and responses
| Item | Limits | Notes |
|---|---|---|
| Maximum request header size | Approx. 11 KiB | This limit cannot be increased.
The combined size of the request URL and request header is limited to 15 KiB. Requests are rejected with a HTTP 431 response for HTTP/1.1 connections. HTTP/2 connections are closed without a response code being written.
These requests are logged with a |
| Maximum response header size | Approx. 128 KiB | This limit cannot be increased.
Origin responses with headers that exceed this limit result in an HTTP
502 being sent to the client. These are logged with a |
| Maximum cacheable object size | 100 GiB | This limit cannot be increased.
This is the maximum size of objects at the origin that Media CDN can cache. Larger objects are treated as uncacheable. |
| Maximum uncacheable response size | 500 MiB | This limit cannot be increased.
This is the maximum number of bytes in a response body that Media CDN proxies when an object is uncacheable. Uncacheable responses are truncated after they hit the limit. |
| Lowercase conversion for headers | Always, for Media CDN | Media CDN follows HTTP/2 conventions for letter
case of request and response headers.
Regardless of the protocol used, all headers are converted to lower-case.
For example, The cases of header values are not changed. |
API request rate limits
If you need a higher rate limit for API requests, you can review the current use and request an increase.
| Item | Limits |
|---|---|
| Invalidations | 10 per minute per EdgeCacheService |
All of the calls that aren't in the
networkservices namespace |
1200 calls per minute per project |
Read-only: GetEdgeCache*,
ListEdgeCache* |
100 per minute per project |
Read/write: everything in the networkservices
namespace not marked as read-only |
100 per minute per project |
Client timeouts
| Timeout | Maximum duration | Response code | Description |
|---|---|---|---|
| Maximum request duration | 5 minutes | HTTP 408 (Request Timeout) | The maximum duration of a single request-response. |
| Header timeout | 10 seconds | HTTP 408 (Request Timeout) | How long the client has to send the full set of request headers. |
Origin timeouts
connectTimeoutandmaxAttemptsTimeoutlimit how long Media CDN takes to find a usable response.Both timeouts include the time that the origin takes to return headers and to determine whether to use a failover or redirect.
connectTimeoutapplies independently for each origin attempt, whilemaxAttemptsTimeoutincludes the time required to connect across all origin attempts, including failovers and redirects. Following a redirect counts as an additional attempt to connect to the origin, and counts toward themaxAttemptsset for the configured origin.When Media CDN encounters a non-redirect response, such as from a redirect or failover origin, the
readTimeoutandresponseTimeoutvalues apply. Redirected origins use theconnectTimeout,readTimeout, andresponseTimeoutvalues configured for theEdgeCacheOriginthat encountered the redirect.responseTimeoutandreadTimeoutcontrol how long a streamed response can take. After Media CDN determines that it's going to use an upstream response, neitherconnectTimeoutnormaxAttemptsTimeoutmatter. At this point,readTimeoutandresponseTimeoutcome into effect.
Media CDN makes at most four origin attempts across all origins,
regardless of the maxAttempts set by each EdgeCacheOrigin.
Media CDN uses the maxAttemptsTimeout value from the primary
EdgeCacheOrigin. The per-attempt timeout values (connectTimeout,
readTimeout, and responseTimeout) are configured for the EdgeCacheOrigin
of each attempt.
The following table describes the timeout fields:
| Field | Default | Description |
|---|---|---|
| connectTimeout | 5 seconds | The maximum amount of time Media CDN can take from
starting the request to the origin until Media CDN determines
whether the response is usable. Practically, The timeout must be a value between 1 second and 15 seconds. |
| maxAttemptsTimeout | 15 seconds | The maximum time across all connection attempts to the origin, including failover origins, before returning an error to the client. An HTTP 504 is returned if the timeout is reached before a response is returned. The timeout must be a value between 1 second and 30 seconds. This setting defines the total duration for all origin
connection attempts, including failover origins, in order to cap the
total time clients have to wait for content to start streaming. Only the first
|
| readTimeout | 15 seconds | The maximum duration to wait between reads of a single HTTP response.
The |
| responseTimeout | 30 seconds | The maximum duration to allow for a response to complete. The timeout must be a value between 1 second and 120 seconds. The duration is measured from the time that the first body bytes are received. If this timeout is reached before the response is complete, the response is truncated and logged. |
Managing quotas
Media CDN enforces quotas on resource usage for various reasons. For example, quotas protect the community of Google Cloud users by preventing unforeseen spikes in usage. Quotas also help users who are exploring Google Cloud with the free tier to stay within their trial.
All projects start with the same quotas, which you can change by requesting additional quota. Some quotas may increase automatically based on your use of a product.
Permissions
To view quotas or request quota increases, Identity and Access Management (IAM) principals need one of the following roles.
| Task | Required role |
|---|---|
| Check quotas for a project | One of the following:
|
| Modify quotas, request additional quota | One of the following:
|
Checking your quota
Console
- In the Google Cloud console, go to the Quotas page.
- To search for the quota that you want to update, use the Filter table. If you don't know the name of the quota, use the links on this page instead.
gcloud
Using the Google Cloud CLI, run the following command to
check your quotas. Replace PROJECT_ID with your own project ID.
gcloud compute project-info describe --project PROJECT_ID
To check your used quota in a region, run the following command:
gcloud compute regions describe example-region
Errors when exceeding your quota
If you exceed a quota with a gcloud command,
gcloud outputs a quota exceeded error
message and returns with the exit code 1.
If you exceed a quota with an API request, Google Cloud returns the
following HTTP status code: HTTP 413 Request Entity Too Large.
Requesting additional quota
To increase or decrease most quotas, use the Google Cloud console. For more information, see Request a higher quota.
Console
- In the Google Cloud console, go to the Quotas page.
- On the Quotas page, select the quotas that you want to change.
- At the top of the page, click Edit quotas.
- Fill out your name, email, and phone number, and then click Next.
- Fill in your quota request, and then click Done.
- Submit your request. Quota requests take 24 to 48 hours to process.
Resource availability
Each quota represents a maximum number for a particular type of resource that you can create, if that resource is available. It's important to note that quotas do not guarantee resource availability. Even if you have available quota, you can't create a new resource if it is not available.
For example, you might have sufficient quota to create a new regional, external IP address
in the us-central1 region. However, that is not possible if there are no
available external IP addresses in that region. Zonal resource
availability can also affect your ability to create a new resource.
Situations where resources are unavailable in an entire region are rare. However, resources within a zone can be depleted from time to time, typically without impact to the service level agreement (SLA) for the type of resource. For more information, review the relevant SLA for the resource.