Introduction to Apache APISIX: The Cloud-Native API Gateway
Apache APISIX is a dynamic, real-time, high-performance API gateway designed to handle traffic management for modern cloud-native environments. With a rich feature set including load balancing, dynamic upstream, canary release, circuit breaking, authentication, observability, and more, APISIX serves as a comprehensive solution for managing API traffic efficiently and securely.
APISIX is versatile, capable of managing both traditional north-south traffic and east-west traffic between services. Additionally, it can function as a Kubernetes ingress controller, making it a powerful tool for managing microservices and distributed applications.
Technical Architecture
The architecture of Apache APISIX is designed to provide high performance and flexibility. The core components include:
- Admin API: Provides a RESTful interface for managing the configuration of APISIX.
- etcd: Used as the configuration center to store all configurations dynamically.
- Data Plane: Handles the actual API traffic, including routing, load balancing, and applying various plugins.
Community and Support
Apache APISIX boasts an active community and robust support mechanisms:
- Mailing List: Subscribe by sending an email to dev-subscribe@apisix.apache.org.
- Slack Workspace: Join the #apisix channel via invitation link.
- Twitter: Follow and interact using the hashtag
#ApacheAPISIX
. - Documentation: Comprehensive documentation is available online.
- Discussions: Engage in discussions on the GitHub Discussions page.
- Blog: Read more on the APISIX blog.
Key Features
All Platforms
- Cloud-Native: APISIX is platform agnostic, meaning it can run on various environments from bare-metal to Kubernetes.
- ARM64 Support: Ensures compatibility with ARM64 architectures, preventing infrastructure technology lock-in.
Multi-Protocol Support
APISIX supports various protocols, making it highly adaptable for different use cases:
- TCP/UDP Proxy: Handles dynamic TCP/UDP proxying.
- Dubbo Proxy: Translates HTTP requests to Dubbo.
- Dynamic MQTT Proxy: Supports MQTT load balancing by
client_id
. - gRPC Proxy: Proxies gRPC traffic.
- gRPC Web Proxy: Facilitates gRPC Web traffic to gRPC services.
- gRPC Transcoding: Allows HTTP/JSON clients to access gRPC APIs.
- WebSocket Proxy: Proxies WebSocket connections.
- HTTP(S) Forward Proxy: Functions as an HTTP(S) forward proxy.
- SSL: Dynamically loads SSL certificates.
Full Dynamic Capabilities
APISIX provides dynamic capabilities to ensure high availability and performance:
- Hot Updates and Plugins: Allows continuous configuration and plugin updates without restarts.
- Proxy Rewrite and Response Rewrite: Modifies requests and responses dynamically.
- Dynamic Load Balancing: Supports round-robin and hash-based load balancing.
- Health Checks and Circuit Breaker: Monitors and filters unhealthy upstream nodes.
- Proxy Mirror and Traffic Split: Enables request mirroring and traffic splitting.
Fine-Grained Routing
APISIX offers precise routing capabilities:
- Full Path and Prefix Matching: Supports exact path and prefix-based routing.
- NGINX Built-In Variables: Uses NGINX variables for routing conditions.
- Custom Route Matching Functions: Allows custom logic for routing.
- IPv6 Support: Enables routing based on IPv6 addresses.
- Route TTL and Priority: Manages route lifetimes and priorities.
- Batch HTTP Requests and GraphQL Filtering: Handles batch requests and filters routes by GraphQL attributes.
Security
Security is a cornerstone of APISIX, featuring comprehensive support for authentication, authorization, and other security measures:
- Authentication Plugins: Supports
key-auth
,JWT
,basic-auth
,wolf-rbac
,casbin
,keycloak
, andcasdoor
. - IP and Referer Whitelist/Blacklist: Manages access controls.
- Identity Provider (IdP) Integration: Supports external identity platforms like Auth0 and Okta.
- Rate Limiting and Concurrency Control: Implements
limit-req
,limit-count
, andlimit-concurrency
plugins. - Anti-ReDoS: Built-in policies to prevent Regular expression Denial of Service.
- CORS: Supports Cross-Origin Resource Sharing.
- URI Blocker and Request Validator: Blocks requests based on URI and validates requests.
- CSRF Protection: Mitigates Cross-Site Request Forgery attacks.
Operations (OPS) Friendly
APISIX provides tools and integrations to facilitate operations and monitoring:
- Tracing and APM: Integrates with Zipkin and Apache SkyWalking for tracing and application performance monitoring.
- Service Discovery: Supports external service discovery via Consul, Nacos, Eureka, and Zookeeper.
- Monitoring and Metrics: Exports metrics to Prometheus.
- High Availability and Clustering: Ensures high availability and clustering via etcd.
- Dashboard: Offers a user-friendly dashboard for management.
- Version Control and CLI: Supports rollbacks and command-line operations.
- Standalone Mode: Supports configuration via local YAML files.
- Global Rules: Applies global rules across all requests.
- Fault Injection: Simulates failures to test system resilience.
- REST Admin API: Manages APISIX through a RESTful API.
Logging and Monitoring
APISIX supports extensive logging and monitoring capabilities:
- External Loggers: Integrates with various log management tools like HTTP Logger, TCP Logger, Kafka Logger, and more.
- ClickHouse and Elasticsearch: Pushes logs to ClickHouse and Elasticsearch.
- Datadog: Sends custom metrics to Datadog.
- Splunk HEC Logging: Integrates with Splunk for log management.
Scalability
APISIX is highly scalable, supporting custom plugins, load balancing algorithms, and routing:
- Custom Plugins: Allows development of plugins in Lua, Java, Go, and Python.
- Wasm SDK: Supports plugins written with Proxy Wasm SDK.
- Custom Load Balancing and Routing: Enables custom algorithms and routing logic.
Multi-Language Support
APISIX supports multi-language plugin development via RPC and Wasm:
- RPC: Supports plugins in Java, Golang, Python, and Node.js.
- Wasm: Experimental support for WebAssembly-based plugins.
Serverless
APISIX integrates with serverless functions for dynamic upstreams:
- Lua Functions: Invokes Lua functions in each phase.
- AWS Lambda: Integrates with AWS Lambda for dynamic upstreams.
- Azure Functions: Integrates with Azure Serverless Functions.
- Apache OpenWhisk: Integrates with Apache OpenWhisk.
Getting Started
Installation
Refer to the installation documentation for detailed instructions on installing APISIX.
Getting Started Guide
The getting started guide is an excellent resource to learn the basics of APISIX. It walks you through setting up APISIX, configuring routes, and applying plugins.
Admin API
APISIX provides a REST Admin API for managing configurations dynamically. The Admin API is secured by default and requires configuration to specify allowed IPs and admin keys.
Plugin Development
APISIX supports extensive plugin development. Refer to the plugin development guide for details. The example-plugin
provides a sample implementation to help you get started.
Benchmark
APISIX has been benchmarked for high performance. On an AWS eight-core server, APISIX achieves a QPS of 140,000 with a latency of only 0.2 ms. The benchmark script is open source, allowing users to replicate and contribute to performance testing.
Additionally, APISIX performs exceptionally well on AWS Graviton3 C7g instances, showcasing its adaptability and efficiency on modern cloud infrastructure.
Contributor Activity
APISIX has a vibrant and active community of contributors. You can visualize the contributor activity over time using the contributor graph.
User Stories
European eFactory Platform
The European eFactory Platform utilizes APISIX as an API security gateway, demonstrating its effectiveness in managing and securing API
traffic in a complex, distributed environment.
Airwallex
Airwallex integrates APISIX to enhance its distributed architecture, showcasing APISIX's capability in handling high-traffic environments.
Conclusion
Apache APISIX stands out as a powerful, flexible, and high-performance API gateway suitable for various environments, from cloud-native to traditional infrastructures. Its extensive feature set, coupled with dynamic capabilities, makes it an excellent choice for organizations looking to manage their API traffic efficiently and securely. The active community and continuous development ensure APISIX remains at the forefront of API gateway technology.
For more information, visit the Apache APISIX website or explore the GitHub repository.