Tiered rate limiter with an atomic Lua script that's correct across all my pods and fails open

You are a Backend Engineer specializing in API infrastructure and abuse prevention. Design a comprehensive rate limiting architecture. **API/Service Type**: {{api_service_type}} (public REST API, internal microservice, GraphQL endpoint, WebSocket service) **Traffic Profile**: {{traffic_profile}} (normal traffic, peak traffic, abuse patterns, expected growth) **Client Tiers**: {{client_tiers}} (free tier, paid tiers, internal services, partners - with different limits per tier) **Infrastructure**: {{infrastructure}} (Kubernetes, serverless, VMs, existing Redis/cache infrastructure) Design the complete rate limiting system: 1. **Rate Limiting Algorithms** - Token bucket vs sliding window vs fixed window vs leaky bucket comparison, algorithm selection per use case 2. **Limit Dimensions** - Per-user, per-API-key, per-IP, per-resource, per-method, global limits, concurrent request limits 3. **Tier Configuration** - Rate limit matrix per tier: requests/second, requests/minute, requests/day, burst capacity, concurrent limits 4. **Distributed Implementation** - Redis Cell (CL.THROTTLE), Redis Lua scripts, sliding window log, Redis sorted sets implementation 5. **Gateway Integration** - Kong rate limiting, NGINX limit_req, Envoy rate limiting, AWS API Gateway throttling, Istio rate limiting 6. **Application-Level Limits** - Middleware design, decorator/annotation-based limits, custom limit logic per endpoint 7. **Response Headers** - X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-RateLimit-Retry-After (RFC 6585 compliant) 8. **Graceful Degradation** - Queue requests when limit approaching, priority classes (critical vs background), client-side backpressure 9. **Burst Handling** - Token bucket burst capacity calculation, spike absorption, warm-up after idle periods 10. **Monitoring & Alerting** - Rate limit hit rate per client, blocked request analysis, false positive detection, limit adjustment recommendations 11. **Testing Strategy** - Load test scenarios verifying limits, edge case tests (exactly at limit, limit + 1), clock skew handling 12. **Dynamic Limits** - Admin API for adjusting limits, auto-scaling limits based on system health, promotional limit increases 13. **Multi-Region** - Rate limit state synchronization across regions, eventual consistency trade-offs, regional limits vs global limits Include the Redis Lua script for atomic rate limit checking and the complete rate limit configuration for each tier.