The Cloud-Native API Gateway

Clone this repo:
  1. f4161d3 chore: minor change in bin/apisix (#2847) by willmafh · 12 hours ago master
  2. c6c2e3c feat: support include other nginx config (#2803) by 罗泽轩 · 12 hours ago
  3. e47bd1d chore: If the PR not backward compatible, please discuss on the maili… (#2849) by YuanSheng Wang · 12 hours ago
  4. 0d79edf docs: uses etcd to implement millisecond configuration sync(FAQ) (#2844) by YuanSheng Wang · 14 hours ago
  5. 67eb787 fix: distinguish different routes which has the same service (#2840) by 罗泽轩 · 17 hours ago

Apache APISIX

Build Status License

What's Apache APISIX?

Apache APISIX is a dynamic, real-time, high-performance API gateway, based on the Nginx library and etcd.

APISIX provides rich traffic management features such as load balancing, dynamic upstream, canary release, circuit breaking, authentication, observability, and more.

You can use Apache APISIX to handle traditional north-south traffic, as well as east-west traffic between services. It can also be used as a k8s ingress controller.

The technical architecture of Apache APISIX:

Contents

Features

You can use Apache APISIX as a traffic entrance to process all business data, including dynamic routing, dynamic upstream, dynamic certificates, A/B testing, canary release, blue-green deployment, limit rate, defense against malicious attacks, metrics, monitoring alarms, service observability, service governance, etc.

  • All platforms

    • Cloud-Native: Platform agnostic, No vendor lock-in, APISIX can run from bare-metal to Kubernetes.
    • Run Environment: Both OpenResty and Tengine are supported.
    • Supports ARM64: Don't worry about the lock-in of the infra technology.
  • Multi protocols

    • TCP/UDP Proxy: Dynamic TCP/UDP proxy.
    • Dynamic MQTT Proxy: Supports to load balance MQTT by client_id, both support MQTT 3.1.*, 5.0.
    • gRPC proxy: Proxying gRPC traffic.
    • gRPC transcoding: Supports protocol transcoding so that clients can access your gRPC API by using HTTP/JSON.
    • Proxy Websocket
    • Proxy Protocol
    • Proxy Dubbo: Dubbo Proxy based on Tengine.
    • HTTP(S) Forward Proxy
    • SSL: Dynamically load an SSL certificate.
  • Full dynamic

    • Hot Updates And Hot Plugins: Continuously updates its configurations and plugins without restarts!
    • Proxy Rewrite: Support rewrite the host, uri, schema, enable_websocket, headers of the request before send to upstream.
    • Response Rewrite: Set customized response status code, body and header to the client.
    • Serverless: Invoke functions in each phase in APISIX.
    • Dynamic Load Balancing: Round-robin load balancing with weight.
    • Hash-based Load Balancing: Load balance with consistent hashing sessions.
    • Health Checks: Enable health check on the upstream node, and will automatically filter unhealthy nodes during load balancing to ensure system stability.
    • Circuit-Breaker: Intelligent tracking of unhealthy upstream services.
    • Proxy Mirror: Provides the ability to mirror client requests.
  • Fine-grained routing

  • Security

  • OPS friendly

    • OpenTracing: support Apache Skywalking and Zipkin
    • works with external service discovery:In addition to the built-in etcd, it also supports Consul and Nacos DNS discovery mode, and Eureka
    • Monitoring And Metrics: Prometheus
    • Clustering: APISIX nodes are stateless, creates clustering of the configuration center, please refer to etcd Clustering Guide.
    • High availability: support to configure multiple etcd addresses in the same cluster.
    • Dashboard: Built-in dashboard to control APISIX.
    • Version Control: Supports rollbacks of operations.
    • CLI: start\stop\reload APISIX through the command line.
    • Stand-alone mode: Supports to load route rules from local yaml file, it is more friendly such as under the kubernetes(k8s).
    • Global Rule: Allows to run any plugin for all request, eg: limit rate, IP filter etc.
    • High performance: The single-core QPS reaches 18k with an average delay of less than 0.2 milliseconds.
    • Fault Injection
    • REST Admin API: Using the REST Admin API to control Apache APISIX, which only allows 127.0.0.1 access by default, you can modify the allow_admin field in conf/config.yaml to specify a list of IPs that are allowed to call the Admin API. Also note that the Admin API uses key auth to verify the identity of the caller. The admin_key field in conf/config.yaml needs to be modified before deployment to ensure security.
    • External Loggers: Export access logs to external log management tools. (HTTP Logger, TCP Logger, Kafka Logger, UDP Logger)
  • Highly scalable

    • Custom plugins: Allows hooking of common phases, such as rewrite, access, header filer, body filter and log, also allows to hook the balancer stage.
    • Custom load balancing algorithms: You can use custom load balancing algorithms during the balancer phase.
    • Custom routing: Support users to implement routing algorithms themselves.

Documentation

Document Indexing for Apache APISIX

Get Started

Configure and Installation

APISIX Installed and tested in the following systems:

CentOS 7, Ubuntu 16.04, Ubuntu 18.04, Debian 9, Debian 10, macOS, ARM64 Ubuntu 18.04

There are several ways to install the Apache Release version of APISIX:

  1. Source code compilation (applicable to all systems)

    • Installation runtime dependencies: OpenResty and etcd, and compilation dependencies: luarocks. Refer to install dependencies documentation
    • Download the latest source code release package:
      $ mkdir apisix-2.0
      $ cd apisix-2.0
      $ wget https://downloads.apache.org/apisix/2.0/apache-apisix-2.0-src.tgz
      $ tar zxvf apache-apisix-2.0-src.tgz
      
    • Install the dependencies:
      $ make deps
      
    • check version of APISIX:
      $ ./bin/apisix version
      
    • start APISIX:
      $ ./bin/apisix start
      
  2. Docker image (applicable to all systems)

    By default, the latest Apache release package will be pulled:

    $ docker pull apache/apisix
    

    The Docker image does not include etcd, you can refer to docker compose example to start a test cluster.

  3. RPM package(only for CentOS 7)

    $ sudo yum install -y https://github.com/apache/apisix/releases/download/2.0/apisix-2.0-0.el7.noarch.rpm
    
    • check version of APISIX:
      $ apisix version
      
    • start APISIX:
      $ apisix start
      

Note: Apache APISIX would not support the v2 protocol of etcd anymore since APISIX v2.0, and the minimum etcd version supported is v3.4.0. Please update etcd when needed. If you need to migrate your data from etcd v2 to v3, please follow etcd migration guide.

For Developer

  1. For developers, you can use the latest master branch to experience more features

    • build from source code
    $ git clone git@github.com:apache/apisix.git
    $ cd apisix
    $ make deps
    
    • Docker image
    $ git clone https://github.com/apache/apisix-docker.git
    $ cd apisix-docker
    $ sudo docker build -f alpine-dev/Dockerfile .
    
  2. Getting start

    The getting started guide is a great way to learn the basics of APISIX, just follow the steps in Getting Started.

    Further, you can follow the documentation to try more plugins.

  3. Admin API

    Apache APISIX provides REST Admin API to dynamic control the Apache APISIX cluster.

  4. Plugin development

    You can refer to plugin development guide, and sample plugin echo documentation and code implementation.

    Please note that Apache APISIX plugins' added, updated, deleted, etc. are hot loaded, without restarting the service.

For more documents, please refer to Apache APISIX Document Index

Dashboard

APISIX has built-in support for Dashboard, which could be directly deployed by docker compose.

The dashboard only allows 127.0.0.1 by default, and you can modify allow_admin in conf/config.yaml by yourself, to list the list of IPs allowed to access.

Benchmark

Using AWS‘s 8 core server, APISIX’s QPS reach to 140,000 with a latency of only 0.2 ms.

benckmark script, test method and process has been open source, welcome to try and contribute.

Apache APISIX vs Kong

Both of them have been covered core features of API gateway

FeaturesApache APISIXKONG
Dynamic upstreamYesYes
Dynamic routerYesYes
Health checkYesYes
Dynamic SSLYesYes
L4 and L7 proxyYesYes
OpentracingYesYes
Custom pluginYesYes
REST APIYesYes
CLIYesYes

The advantages of Apache APISIX

FeaturesApache APISIXKong
Belongs toApache Software FoundationKong Inc.
Tech ArchitectureNginx + etcdNginx + postgres
Communication channelsMail list, Wechat group, QQ group, Github, meetupGithub, freenode, forum
Single-core CPU, QPS(enable limit-count and prometheus plugins)180001700
Latency0.2 ms2 ms
DubboYesNo
Configuration rollbackYesNo
Route with TTLYesNo
Plug-in hot loadingYesNo
Custom LB and routeYesNo
REST API <--> gRPC transcodingYesNo
TengineYesNo
MQTTYesNo
Configuration effective timeEvent driven, < 1mspolling, 5 seconds
DashboardYesNo
IdPYesNo
Configuration Center HAYesNo
Speed limit for a specified time windowYesNo
Support any Nginx variable as routing conditionYesNo

Benchmark comparison test details data

Open Governance

GitHub milestones lay out the path to Apache APISIX's future improvements.

Community

Contributor Over Time

contributor-over-time

Videos And Articles

User Stories

Who Uses APISIX?

A wide variety of companies and organizations use APISIX for research, production and commercial product, including:

Users are encouraged to add themselves to the Powered By page.

Landscape

Logos

Contributing

We welcome all kinds of contributions from the open-source community, individuals and partners.

Acknowledgments

Inspired by Kong and Orange.

License

Apache 2.0 License