Domestic open source project apifix: cloud native microservice API gateway

Time:2020-12-2

Technical editor: Ming Fei from Beijing
SegmentFault has he reported the official account number: SegmentFault


Domestic open source project apifix: cloud native microservice API gateway

Apifix is a cloud based microservice API gateway, which is the entrance of all business traffic. It can handle the traditional north-south traffic, the east-west traffic between services, and can also be used as k8s ingress controller. Apisix was developed by Shenzhen branch science and technology team and started to incubate in Apache foundation.

Apifix provides dynamic load balancing, authentication, current limiting and speed limiting functions through plug-in mechanism, and supports plug-ins developed by yourself.

For more detailed information, please refer to the API IX white paper.

Domestic open source project apifix: cloud native microservice API gateway

You can use Apache APIs IX as a traffic portal to process all business data, including dynamic routing, dynamic upstream, dynamic certificate, a / B testing, Canary publishing (gray Publishing), blue-green deployment, current limiting and speed limiting, resisting malicious attacks, monitoring and alarming, service observability, service governance, etc.

Project address: https://github.com/apache/inc…

function

  • Full platform

    • Cloud native: platform independent, no vendor lock, apifix can run regardless of bare machine or kubernetes.
    • Running environment: both openresty and Tengine support it.
    • Support for arm64: don’t worry about the locking of the underlying technology.
  • Multi protocol

    • TCP / UDP proxy: dynamic TCP / UDP proxy.
    • Dynamic mqtt proxy: support forclient_idLoad balancing is performed on mqtt, and mqtt3.1 * and 5.0 protocol standards are supported at the same time.
    • Grpc proxy: use APIs IX to proxy grpc connections and manage your grpc services using most of the features of apifix.
    • Grpc protocol conversion: support protocol conversion, so that clients can access your grpc API through HTTP / JSON.
    • Websocket proxy
    • Proxy Protocol
    • Dubbo proxy: Based on Tengine, it can implement the proxy of Dubbo request.
    • HTTP (s) reverse proxy
    • SSL: dynamically loads SSL certificates.
  • Full dynamic capability

    • Hot updates and hot plug-ins: configuration and plug-ins can be continuously updated without restarting the service.
    • Proxy request Rewriting: supports thehosturischemaenable_websocketheadersInformation.
    • Output content Rewriting: supports custom modification of returned contentstatus codebodyheaders
    • Serverless: at each stage of apifix, you can add and call your own functions.
    • Dynamic load balancing: dynamically support weighted round robin load balancing.
    • Load balancing supporting consistent hash: dynamically supporting consistent hash load balancing.
    • Health check: enabling health check of upstream nodes will automatically filter unhealthy nodes during load balancing to ensure system stability.
    • Fuse: intelligent tracking unhealthy upstream service.
  • Fine routing

    • Support full path matching and prefix matching
    • Supports using all built-in variables of nginx as routing conditions, so you can usecookie,argsAnd so on as the routing conditions, to achieve gray publishing, a / B testing and other functions
    • Support various operators as routing criteria, such as{"arg_age", ">", 24}
    • Support custom routing matching function
    • IPv6: support IPv6 format matching routing
    • Support automatic expiration (TTL) for routing
    • Priority of supporting routing
  • safety protection

    • Multiple authentication methods: key auth, JWT, basic auth, wolf RBAC.
    • IP black and white list
    • IDP support: support external authentication services, such as auth0, OKTA, authoring, etc. users can use this to connect with authentication methods such as oauth2.0.
    • Limiting rate
    • Limit number of requests
    • Limit concurrency
    • Defense against redos (regular expression denial of service): built in policy to resist redos without configuration.
    • CORS
  • Operation and maintenance friendly

    • Opentracking observability: supports Apache skywalking and Zipkin.
    • Monitoring and indicators: Prometheus
    • Cluster: apifix nodes are stateless. Please refer to the etcd clustering guide for creating a configuration center cluster.
    • High availability: supports the configuration of multiple etcd addresses in the same cluster.
    • Console: built in console to operate apifix cluster.
    • Version control: supports multiple rollback of operations.
    • CLI: use the command line to start, shut down, and restart apifix.
    • Stand alone mode: supports loading routing rules from local configuration files, which is more friendly in kubernetes (k8s) and other environments.
    • Global rules: it is allowed to execute plug-ins for all requests, such as black and white list, current limiting and speed limiting.
    • High performance: on a single core, QPS can reach 18K with a delay of only 0.2ms.
    • fault injection
    • REST Admin API
    • Python SDK
  • Highly scalable

    • Custom plug-ins: allows mounting of common stages, such asinit,rewriteaccessbalancer,header filerbody filterandlogStage.
    • Custom load balancing algorithm: you can use thebalancerPhase uses custom load balancing algorithm.
    • Custom Routing: support users to implement their own routing algorithm.

install

Apifix can be successfully installed and tested in the following operating systems. It should be noted that the openresty version must be > = 1.15.8.1:

CentOS 7, Ubuntu 16.04, Ubuntu 18.04, Debian 9, Debian 10, macOS,ARM64Ubuntu 18.04

To install apifix:

  1. Install runtime dependencies: openresty and etcd. Refer to the dependency installation documentation
  2. There are several ways to install Apache APIs IX:

    • Through the source code package installation;
    • If you are using CentOS 7, you can install it using the RPM package;
    • Other Linux operating systems can use lualocks installation mode;
    • You can also use the docker image to install.

Domestic open source project apifix: cloud native microservice API gateway