Demystifying Apache APISIX: The Ideal Microservices Gateway
5 min read
In my previous blog post, I discussed the role of an API Gateway in a microservice architecture. Several commercial or open-source cores could play the role of an API gateway in our architecture today. Choosing the ideal gateway for your microservice architecture can be tricky.
This article will introduce Apache APISIX, an open-source API gateway that handles rate limit options and has complete control of external traffic's access into internal backend API services with ease. We will look at what makes it stand out from other gateway services. We will also discuss a detailed explanation of getting started with the Apache APISIX gateway.
Before we dig into this topic, let's talk about API gateways.
What is an API gateway?
As explained in the previous article, API gateways are single entry points for all clients. They sit between the client and the backend services. API requests from clients get proxied/routed to the appropriate service by evoking multiple backend services. The results are then aggregated and returned to the client.
Difficulties of gateway implementations
- Most API Gateways are suitable for handling enterprise intranet traffic and cannot withstand tens of thousands of client requests.
- Some gateways depend on relational databases, which are challenging to scale elastically. Most of these systems are old and were developed before the emergence of microservices.
What is Apache APISIX
Apache APISIX is a Top-Level Project under the Apache foundation. It is a cloud-native API gateway that handles the interface traffic on multiple platforms for Cloud Computing, FinTech, Insurance, Marketplaces, Real Estate, Security, Speech Recognition, and Travel, among other industries.
Apache APISIX is simply a dynamic, real-time, high-performance API gateway. Compared with traditional API gateways, APISIX delivers suitable functions for API management under the microservices system. This is possible using dynamic routing, authentication, observability, plugin hot-reloading, gRPC protocol transcoding, and more.
Enterprises can quickly manage API and microservice traffic with Apache APISIX, using features like flow-limiting authentication, logging security, and support for complex custom plugins.
APISIX has an admin dashboard where users can easily manage & configure plugins, routes and other components. It can be integrated with many open-source statistics and monitoring components such as Prometheus, Apache Skywalking and Zipkin to improve performance.
APISIX control dashboard
Apache APISIX Architecture
Apache APISIX comprises three parts:
- Data Plane: to dynamically control the request traffic and implement traffic processing and distribution;
- Control Plane: to store and synchronize gateway data configuration;
- AI Plane(TODO): to orchestrate plugins, as well as real-time analysis and processing of request traffic.
Components of Apache APISIX
Plugins: APISIX has more than 70 built-in plugins developed with Lua, including identity authentication, limit rate, limit request, security, log, observability, etc. These plugins cover all the features that users may encounter in the enterprise. Through these plugins, users can turn APISIX into various gateways required by their business. Although inspired by Kong, the architecture and design of Apache APISIX plugins are entirely distinctive. It supports hot-reloading, so you don't have to restart the service; it also eases the struggle of writing code.
Route: APISIX uses an Adaptive Lua-resty-radixtree to assemble all the good characteristics of routes. Lua-resty-radixtree single core can reach millions of matches per second. It supports all built-in variables of Nginx and custom functions.
Schema: Apache APISIX uses the jsonschema, which provides a JSON schema draft 4, draft 6, draft seven validators for Lua/LuaJIT. This JsonSchema takes care of the description of API and facilitates the cooperation between individuals and the user interface. This verification standard almost covers mainstream languages such as C, Java, JS, etc. Although APISIX uses JSON Schema semantics, it isn't bound nor limited to JSON.
Storage: APISIX only relies on etcd; therefore, APISIX is designed for high availability. It uses Lua-resty-etcd to get configurations from, etcd.
How is APISIX Different From Other Gateway Services?
- It covers all features of the Nginx.
- Super performance: High performance is the main advantage of Apache APISIX.
- The most significant feature of Apache APISIX is that it is fully dynamic, including routing, SSL certificates, plugins, etc.
- Hot-updated plugins. Inside Apache APISIX, plugins are built similar to Lego bricks. You can easily be modified, remove or add a plugin without restarting the service. This makes controlling external workloads in APISIX easy and a lot more flexible. Apache APISIX also makes provision for custom plugins to handle custom processing in the edge layer of the business.
- APISIX is supported by two significant architectures, X86 and ARM64. It also supports OpenResty and Tengine run environments & runs on bare metal to various servers in public clouds.
- APISIX offers multi-protocol and multi-platform support such as HTTP(s), TCP, UDP, HTTP to gRPC transcoding, Websocket, gRPC, Apache Dubbo, and MQTT proxy
- Support version control. While using APISIX, If a newly-released version gets something wrong, you can easily backspace the old version without experiencing any drawbacks in the process.
- Identity-based zero trust. External identity authentication is possible with the newly integrated Future. At this moment, achieving zero trust and using external identity authentication suppliers to access all services is simple. After deploying a few parameters, we can add the identity authentication function to the API.
- Open source: Apache APISIX was open-sourced on June 6th, 2019. Since then has gained more than 8700 stars and about 287 contributors on GitHub. It is a developers' community with more than 2000 members. You can join the community through Slack or a Mailing list.
Kong VS APISIX
Apache APISIX has a dashboard that makes it easy for admins to define routes, upstream, and backend services. To get started with Apache APISIX, here is a Quick Start video tutorial that covers:
- How to install Apache APISIX via Docker.
- Create a Route, Upstream service for your API Gateway with the help of Admin API.
- Bind the route with the Upstream.
- Verify the result via Admin API of Apache APISIX.
Getting started with APISIX