Design Distributed Rate Limiter

Problem Statement

Design A Distributed Rate Limiter

OR

Design API Rate Limiter

OR

Design a scalable API rate limiter using sliding window, leaky bucket, and token bucket algorithms.

Full Question:

Design a distributed API rate limiter service for an application like GitHub.

Core Requirements:

• Enforce per-user or per-API rate limits.
• Support burst traffic and smooth throttling.
• Provide APIs for querying usage.

Scale Requirements:

• 1 billion API calls per day.
• 10 million unique users.
• < 100ms latency for enforcement checks.

Additional Considerations:

• Compare sliding window log vs. leaky bucket vs. token bucket.
• How to handle distributed rate-limiting across regions?
• How would you persist state and ensure consistency?
• How would you expose admin dashboards and rate config APIs?