Chinese

APISIX

• QQ group: 552030619
• Mail list: Mail to [email protected], follow the reply to subscribe the mail list.
• 

APISIX is a cloud-native microservices API gateway, delivering the ultimate performance, security, open source and scalable platform for all your APIs and microservices.

APISIX is based on Nginx and etcd. Compared with traditional API gateways, APISIX has dynamic routing and plug-in hot loading, which is especially suitable for API management under micro-service system.

Why APISIX?

If you are building a website, mobile device or IoT (Internet of Things) application, you may need to use an API gateway to handle interface traffic.

APISIX is a cloud-based microservices API gateway that handles traditional north-south traffic and handles east-west traffic between services, and can also be used as a k8s ingress controller.

APISIX provides dynamic load balancing, authentication, rate limiting, other plugins through plugin mechanisms, and supports plugins you develop yourself.

Features

You can use Apache APISIX as a traffic entrance to process all business data, including dynamic routing, dynamic upstream, dynamic certificates, A/B testing, canary release, blue-green deployment, limit rate, defense against malicious attacks, metrics, monitoring alarms, service observability, service governance, etc.

• All platforms

  • Cloud-Native: Platform agnostic, No vendor lock-in, APISIX can run from bare-metal to Kubernetes.
  • Run Environment: Both OpenResty and Tengine are supported.
  • Supports ARM64: Don't worry about the lock-in of the infra technology.

• Multi protocols

  • TCP/UDP Proxy: Dynamic TCP/UDP proxy.
  • Dynamic MQTT Proxy: Supports to load balance MQTT by client_id, both support MQTT 3.1.*, 5.0.
  • gRPC proxy: Proxying gRPC traffic.
  • gRPC transcoding: Supports protocol transcoding so that clients can access your gRPC API by using HTTP/JSON.
  • Proxy Websocket
  • Proxy Protocol
  • Proxy Dubbo: Dubbo Proxy based on Tengine.
  • HTTP(S) Forward Proxy
  • SSL: Dynamically load an SSL certificate.

• Full dynamic

  • Hot Updates And Hot Plugins: Continuously updates its configurations and plugins without restarts!
  • Proxy Rewrite: Support rewrite the host, uri, schema, enable_websocket, headers of the request before send to upstream.
  • Response Rewrite: Set customized response status code, body and header to the client.
  • Serverless: Invoke functions in each phase in APISIX.
  • Dynamic Load Balancing: Round-robin load balancing with weight.
  • Hash-based Load Balancing: Load balance with consistent hashing sessions.
  • Health Checks: Enable health check on the upstream node, and will automatically filter unhealthy nodes during load balancing to ensure system stability.
  • Circuit-Breaker: Intelligent tracking of unhealthy upstream services.
  • Dynamic service discovery：Support service discovery based on registry, reduce the reverse proxy maintenance costs.

• Fine-grained routing

  • Supports full path matching and prefix matching
  • Support all Nginx built-in variables as conditions for routing, so you can use cookie, args, etc. as routing conditions to implement canary release, A/B testing, etc.
  • Support various operators as judgment conditions for routing, for example {"arg_age", ">", 24}
  • Support custom route matching function
  • IPv6: Use IPv6 to match route.
  • Support TTL
  • Support priority
  • Support Batch Http Requests

• Security

  • Authentications: key-auth, JWT, basic-auth, wolf-rbac
  • IP Whitelist/Blacklist
  • IdP: Support external authentication services, such as Auth0, okta, etc., users can use this to connect to OAuth 2.0 and other authentication methods.
  • Limit-req
  • Limit-count
  • Limit-concurrency
  • Anti-ReDoS(Regular expression Denial of Service): Built-in policies to Anti ReDoS without configuration.
  • CORS Enable CORS(Cross-origin resource sharing) for your API.
  • uri-blocker: Block client request by URI.

• OPS friendly

  • OpenTracing: support Apache Skywalking and Zipkin
  • Monitoring And Metrics: Prometheus
  • Clustering: APISIX nodes are stateless, creates clustering of the configuration center, please refer to etcd Clustering Guide.
  • High availability: support to configure multiple etcd addresses in the same cluster.
  • Dashboard: Built-in dashboard to control APISIX.
  • Version Control: Supports rollbacks of operations.
  • CLI: start\stop\reload APISIX through the command line.
  • Stand-alone mode: Supports to load route rules from local yaml file, it is more friendly such as under the kubernetes(k8s).
  • Global Rule: Allows to run any plugin for all request, eg: limit rate, IP filter etc.
  • High performance: The single-core QPS reaches 18k with an average delay of less than 0.2 milliseconds.
  • Fault Injection
  • REST Admin API: Using the REST Admin API to control Apache APISIX, which only allows 127.0.0.1 access by default, you can modify the allow_admin field in conf/config.yaml to specify a list of IPs that are allowed to call the Admin API. Also note that the Admin API uses key auth to verify the identity of the caller. The admin_key field in conf/config.yaml needs to be modified before deployment to ensure security.
  • External Loggers: Export access logs to external log management tools. (HTTP Logger, TCP Logger, Kafka Logger, UDP Logger)

• Highly scalable

  • Custom plugins: Allows hooking of common phases, such as rewrite, access, header filer, body filter and log, also allows to hook the balancer stage.
  • Custom load balancing algorithms: You can use custom load balancing algorithms during the balancer phase.
  • Custom routing: Support users to implement routing algorithms themselves.

Installation

APISIX Installed and tested in the following systems(OpenResty MUST >= 1.15.8.1, or Tengine >= 2.3.2):

CentOS 7, Ubuntu 16.04, Ubuntu 18.04, Debian 9, Debian 10, macOS, ARM64 Ubuntu 18.04

Steps to install APISIX:

1. Installation runtime dependencies: Nginx and etcd, refer to documentation
2. There are several ways to install Apache APISIX:
   • Source Release
   • RPM package for CentOS 7
   • Luarocks
   • Docker

Quickstart

1. start server:

sudo apisix start

2. Try the getting started guide

The getting-started guide is a good way to learn the basics of APISIX. Follow the getting started guide.

Then you can try more plugins.

Dashboard

APISIX has built-in support for Dashboard, as follows:

1. Please make sure your machine has the latest Node.js(10 or higher), or there will occur build issues.

2. Download the source codes of dashboard submodule:

git submodule update --init --recursive

3. Install yarn

4. Install dependencies then run build command:

cd dashboard
yarn && yarn build:prod

5. Integration with APISIX Copy the compiled files under /dist directory to the apisix/dashboard directory,

cp -r dist/* .

open http://127.0.0.1:9080/apisix/dashboard/ in the browser. Do not need to fill the user name and password, log in directly.

The dashboard only allows 127.0.0.1 by default, and you can modify allow_admin in conf/config.yaml by yourself, to list the list of IPs allowed to access.

Benchmark

Using AWS's 8 core server, APISIX's QPS reach to 140,000 with a latency of only 0.2 ms.

Document

Document Indexing for Apache APISIX

Apache APISIX vs Kong

Both of them have been covered core features of API gateway

Features	Apache APISIX	KONG
Dynamic upstream	Yes	Yes
Dynamic router	Yes	Yes
Health check	Yes	Yes
Dynamic SSL	Yes	Yes
L4 and L7 proxy	Yes	Yes
Opentracing	Yes	Yes
Custom plugin	Yes	Yes
REST API	Yes	Yes
CLI	Yes	Yes

The advantages of Apache APISIX

Features	Apache APISIX	Kong
Belongs to	Apache Software Foundation	Kong Inc.
Tech Architecture	Nginx + etcd	Nginx + postgres
Communication channels	Mail list, Wechat group, QQ group, Github, meetup	Github, freenode, forum
Single-core CPU, QPS(enable limit-count and prometheus plugins)	18000	1700
Latency	0.2 ms	2 ms
Dubbo	Yes	No
Configuration rollback	Yes	No
Route with TTL	Yes	No
Plug-in hot loading	Yes	No
Custom LB and route	Yes	No
REST API <--> gRPC transcoding	Yes	No
Tengine	Yes	No
MQTT	Yes	No
Configuration effective time	Event driven, < 1ms	polling, 5 seconds
Dashboard	Yes	No
IdP	Yes	No
Configuration Center HA	Yes	No
Speed limit for a specified time window	Yes	No
Support any Nginx variable as routing condition	Yes	No

Videos And Articles

• APISIX technology selection, testing and continuous integration
• Analysis of Excellent Performance of Apache APISIX Microservices Gateway

User Stories

• ke.com: How to Build a Gateway Based on Apache APISIX(Chinese)
• 360: Apache APISIX Practice in OPS Platform(Chinese)
• HelloTalk: Exploring Globalization Based on OpenResty and Apache APISIX(Chinese)
• Tencent Cloud: Why choose Apache APISIX to implement the k8s ingress controller?(Chinese)
• aispeech: Why we create a new k8s ingress controller?(Chinese)

Who Uses APISIX?

A wide variety of companies and organizations use APISIX for research, production and commercial product, including:

Users are encouraged to add themselves to the Powered By page.

Landscape

  

APISIX enriches the CNCF API Gateway Landscape.

Contributing

See CONTRIBUTING for details on submitting patches and the contribution workflow.

Acknowledgments

Inspired by Kong and Orange.