Cloud-native API Gateway unifies traffic, microservice, and security gateways into a single architecture for service exposure, traffic management, application ingress, and full API lifecycle management. It delivers 1 to 5 times higher performance than self-built gateways, with battle-tested stability from Double 11, multi-layered security (mTLS, logon authentication, WAF, custom plug-ins), and hot-updatable plug-in extensibility.
Why Cloud-native API Gateway
|
Advantage |
Description |
|
Open source compatibility |
100% compatible with open source Higress and NGINX Ingress. Integrates with K8s and improves performance, observability, and ease of use. |
|
Fully managed service |
Runs as a fully managed cluster. You focus on business development without handling deployment or O&M. |
|
High availability |
Comprehensive monitoring and O&M capabilities that address availability pain points of open source middleware. |
|
Cloud-native architecture |
All product components are containerized. Includes a K8s Ingress controller and integrates deeply with container services. |
|
Visual management |
Visual interface for API visibility, management, and control. |
Core concepts
Cloud-native API Gateway provides three types of APIs: REST API, HTTP API, and WebSocket API.
HTTP API
HTTP APIs are route-centric interfaces suitable for K8s Ingress, microservice architectures, and AI (SSE) scenarios, enabling quick service exposure.
-
In Kubernetes, an Ingress manages external access to cluster services with Layer 7 load balancing. The Cloud-native API Gateway Ingress controller extends this with stronger traffic management, compatible with NGINX Ingress and over 50 NGINX Ingress annotations (covering 90%+ of use cases). It supports phased releases, flexible service governance, and security protection for large-scale cloud-native distributed applications.
-
When fine-grained API management is not required, configure routes to direct requests to backend services. Routing paths (such as /user/*) are coarser than API operations, enabling quick access configuration and system interaction.
HTTP APIs target development and O&M teams. Routes split business logic and simplify service interaction.
REST API
REST APIs are resource-oriented interfaces that use standard HTTP methods (GET, POST, etc.) to operate on resources. They suit API-first development, cross-team collaboration, and fine-grained API management.
-
An API-first approach designs APIs before building backend services, defining system boundaries and service interactions upfront.
-
Fine-grained management suits scenarios where services are exposed to partners or across internal/external systems. Providers expose specific interfaces, configure per-interface traffic policies, and supply API documentation for consumers.
REST APIs target business-centric teams, promoting cross-team collaboration and rapid iteration.
WebSocket API
WebSocket APIs provide a persistent connection protocol for bidirectional, real-time communication. They support efficient data transmission for applications such as AI, IoT, games, instant messaging, and stock quotes.
WebSocket APIs follow the same route-centric usage path as HTTP APIs, with a longer default timeout period.
Features
|
Feature |
Description |
References |
|
API lifecycle management |
Manage APIs across their full lifecycle: design, development, testing, publishing, and unpublishing. |
|
|
K8s Ingress controller |
Supports K8s Ingress controller. |
N/A |
|
Security authentication |
Integrates authentication and logon systems. Supports HTTPS certificates, IP blacklists/whitelists, authentication and authorization (JWT, OIDC, IDaaS), and unusual traffic scrubbing. |
|
|
Observability |
Global dashboards, instance monitoring, log retrieval, business TOP lists, log delivery, tracing analysis, and alerts. |
|
|
Traffic governance |
Throttling, degradation, service discovery, routing, multi-registry support, traffic tagging, and timeout configuration. |
|
|
Plug-in Marketplace |
Built-in plug-ins for authentication, authorization, traffic management, and security. Upload custom plug-ins to extend capabilities. |
|
|
High availability |
Built on Envoy. Unifies K8s Ingress and microservice gateways. Supports overload protection, seamless publishing and unpublishing, multi-zone disaster recovery, elastic scaling, and automatic fault recovery. SLA of up to 99.99%. |
N/A |
Billing
For more information, see Billing.
Activate Cloud-native API Gateway
Go to the Cloud-native API Gateway activation page to activate Cloud-native API Gateway.
Contact us
For questions about Cloud-native API Gateway, join the DingTalk group (ID: 88010006189) or submit a ticket.