After you develop a plug-in, you can upload it by releasing it on the Plug-in Marketplace page in the console. Only the current primary account or a RAM user with AI Gateway permissions can view and use the plug-in. The built-in plug-ins and uploaded plug-ins are enabled in the same way.
Procedure
Log on to the AI Gateway console.
In the navigation pane on the left, select Plug-in. In the navigation bar at the top, select a region.
In the upper-right corner of the Plug-in Marketplace page, click Release Plug-in.
In the Release Plug-in panel, configure the plug-in parameters, click Upload, and wait for the plug-in to be released (this process may take about 30 seconds).
Parameter
Description
Select Language
Select the programming language that is used to develop the plug-in.
Plug-in ID
Specify the ID of the plug-in.
Plug-in Name
Specify the name of the plug-in.
Plug-in Description
Enter a description of the plug-in. After you configure this parameter, the description is displayed on the plug-in card.
Version Description
Enter a description of the plug-in version.
WASM File
Upload the plug-in binary file that is compiled and created on your on-premises machine. The file name extension must be .wasm.
Execution Stage
Stage processing order: Authentication Stage > Authorization Stage > Statistics Stage > Default Stage. If the execution of the plug-in does not depend on the execution order of other plug-ins, select Default from the drop-down list.
Execution Priority
Specify the execution priority of the plug-in in the specified stage. A larger value indicates a higher priority. If you want to specify a value, we recommend that you enter an integral multiple of 10.
Compatible Gateway Version
Select Any Version or Specified Version.
Any Version: The plug-in can be installed on gateways of any version.
Specified Version: The plug-in can be installed only on gateways of the specified version or later versions.
Plug-in and policy priority
The following plug-ins and policies are executed in descending priority from top to bottom.
Name | Type | Execution Stage | Priority | Remarks |
IP address blacklist and whitelist | Policy | RBAC Filter | ||
http-real-ip | Plug-in | Authentication Stage | 980 | Traffic management plug-ins |
ModelRouter | Plug-in | Authentication Stage | 900 | AI-API built-in |
ModelMapper | Plug-in | Authentication Stage | 800 | AI-API built-in |
Canary release for frontend applications | Plug-in | Authentication Stage | 450 | Transmission protocol plug-ins |
geo-ip | Plug-in | Authentication Stage | 440 | Transmission protocol plug-ins |
DeGraphQL | Plug-in | Authentication Stage | 430 | Transmission protocol plug-ins |
Browser cache control | Plug-in | Authentication Stage | 420 | Transmission protocol plug-ins |
Request/response transform | Plug-in | Authentication Stage | 410 | Transmission protocol plug-ins |
OAuth2 authentication | Plug-in | Authentication Stage | 350 | Authentication and authorization plug-ins |
JWT authentication | Plug-in | Authentication Stage | 340 | Authentication and authorization plug-ins |
HMAC authentication | Plug-in | Authentication Stage | 330 | Authentication and authorization plug-ins |
Basic authentication | Plug-in | Authentication Stage | 320 | Authentication and authorization plug-ins |
Key authentication | Plug-in | Authentication Stage | 310 | Authentication and authorization plug-ins |
External authentication | Plug-in | Authentication Stage | 300 | Authentication and authorization plug-ins |
OPA | Plug-in | Authentication Stage | 225 | Authentication and authorization plug-ins |
Request verification | Plug-in | Authentication Stage | 220 | Transmission protocol plug-ins |
IP restriction | Plug-in | Authentication Stage | 210 | Security protection plug-ins |
JWT Logout | Plug-in | Authentication Stage | 50 | Authentication and authorization plug-ins |
General response cache | Plug-in | Authentication Stage | 10 | Transmission protocol plug-ins |
Cross-origin resource sharing | Plug-in | Authorization Stage | 340 | Security protection plug-ins |
WAF | Plug-in | Authorization Stage | 330 | Security protection plug-ins |
Request blocking | Plug-in | Authorization Stage | 320 | Security protection plug-ins |
Bot blocking | Plug-in | Authorization Stage | 310 | Security protection plug-ins |
ai-data-masking | Plug-in | Default Stage | 991 | AI plug-ins |
ai-statistics | Plug-in | Default Stage | 990 | AI plug-ins |
ai-security-guard | Plug-in | Default Stage | 850 | AI plug-ins |
ai-cache | Plug-in | Default Stage | 800 | AI plug-ins |
ai-quota | Plug-in | Default Stage | 750 | AI plug-ins |
ai-intent | Plug-in | Default Stage | 700 | AI plug-ins |
ai-history | Plug-in | Default Stage | 650 | AI plug-ins |
ai-token-ratelimit | Plug-in | Default Stage | 600 | AI plug-ins |
ai-prompt-template | Plug-in | Default Stage | 500 | AI plug-ins |
ai-prompt-decorator | Plug-in | Default Stage | 450 | AI plug-ins |
ai-network-search | Plug-in | Default Stage | 440 | AI plug-ins |
ai-transformer | Plug-in | Default Stage | 410 | AI plug-ins |
ai-rag | Plug-in | Default Stage | 405 | AI plug-ins |
traffic-tag | Plug-in | Default Stage | 400 | Traffic management plug-ins |
ai-json | Plug-in | Default Stage | 150 | AI plug-ins |
ai-proxy | Plug-in | Default Stage | 110 | AI plug-ins |
canary-header | Plug-in | Default Stage | 100 | Traffic management plug-ins |
Key-based cluster rate limiting | Plug-in | Default Stage | 20 | Traffic management plug-ins |
Key-based rate limiting | Plug-in | Default Stage | 10 | Traffic management plug-ins |
Concurrency control/traffic shaping/circuit breaking | Policy | Sentinel Filter | ||
Timeout/retry/traffic replication/header modification/HTTP rewrite/cross-domain | Policy | Router Filter |
FAQ
What might cause a plug-in release to fail?
In most cases, plug-ins fail to be published because the .wasm file of the plug-in is in an invalid binary format. For a demo example of successfully loading the WASM file in a local environment, see Develop gateway plug-ins by using Go.