Cloud Native API Gateway unifies a traffic gateway, a microservice gateway, and a security gateway into a single architecture. It provides service exposure, traffic management, application traffic ingress, integration, and full lifecycle management for APIs.
The gateway delivers 1 to 5 times higher performance than self-built gateways, proven by events such as the Double 11 Shopping Festival. Security features include mutual TLS (mTLS) authentication, logon authentication, Web Application Firewall (WAF) integration, and custom security plug-ins. Plug-ins support hot updates.
Key advantages
| Advantage | Description |
|---|---|
| Open source compatibility | 100% compatible with open source Higress and NGINX Ingress. Integrates seamlessly with Kubernetes (K8s) and provides improvements in performance, observability, and ease of use. |
| Fully managed service | Runs as a fully managed cluster. You focus on business development without handling deployment or operations and maintenance (O&M). |
| High availability | Provides instances with comprehensive monitoring and O&M capabilities. |
| Cloud native architecture | All product components are containerized. Includes a K8s Ingress controller and integrates deeply with container services. |
| Visual management | Provides a visual interface that makes APIs visible, manageable, and controllable. |
API types
Cloud Native API Gateway supports three API types: REST API, HTTP API, and WebSocket API.
Comparison
| Criteria | HTTP API | REST API | WebSocket API |
|---|---|---|---|
| Design approach | Route-centric | Resource-oriented | Route-centric |
| Protocol | HTTP | HTTP | WebSocket (persistent connection) |
| Typical scenarios | K8s Ingress, microservices, AI scenarios using Server-Sent Events (SSE) | API-first development, cross-team collaboration, fine-grained API management | Real-time communication: AI, IoT, games, instant messaging, stock quotes |
| Target users | Development and O&M teams | Business-centric development teams | Applications that require bidirectional, real-time data exchange |
| Granularity | Coarser (route-level, such as /user/\*) | Finer (individual API operations using standard HTTP methods such as GET and POST) | Same as HTTP API, with a longer default timeout period |
HTTP API
HTTP APIs are route-centric interfaces based on the HTTP protocol. They suit K8s Ingress, microservices, and AI scenarios using SSE.
K8s Ingress
In a K8s cluster, an Ingress manages external access to cluster services and provides Layer 7 load balancing. The Cloud Native API Gateway Ingress controller uses the API gateway to manage Ingress traffic. It is compatible with NGINX Ingress and more than 50 NGINX Ingress annotations, covering over 90% of NGINX Ingress use cases. The controller supports phased releases for multiple service versions, flexible service governance, and comprehensive security protection. This meets the traffic governance requirements of large-scale, cloud native distributed applications.
Microservices and inter-system communication
When fine-grained, API-level management is not required, you can configure routes to define which backend service handles specific requests. Routing paths such as /user/\* have coarser granularity than API operations. This lets you quickly configure access paths and enable interaction between systems.
HTTP APIs are mainly for development or O&M teams. Routes help split business logic and enable service interaction with high flexibility and simplified call logic.
REST API
REST APIs are resource-oriented interfaces based on the HTTP protocol. They use standard HTTP methods such as GET and POST to operate on resources.
API-first development
API-first is a development methodology that designs APIs first. Developers define system boundaries and service interactions by creating APIs before building the backend services.
Fine-grained API management
REST APIs are often used when services are exposed to upstream and downstream partners or for internal and external system collaboration. Service providers expose specific interfaces, configure interface-level traffic policies, and provide comprehensive API documentation for consumers.
REST APIs are mainly for business-centric development teams. They promote cross-team collaboration, system flexibility, and rapid iteration through agile development.
WebSocket API
WebSocket APIs provide a persistent connection protocol for bidirectional, real-time communication. They support efficient data transmission for applications such as AI, IoT, games, instant messaging, and stock quotes.
WebSocket APIs follow the same route-centric usage path as HTTP APIs, with a longer default timeout period.
Features
| Feature | Description | References |
|---|---|---|
| API lifecycle management | Manage APIs across their full lifecycle: design, development, testing, publishing, and unpublishing. | API Management |
| K8s Ingress controller | Use the gateway as a K8s Ingress controller for cluster traffic management. | -- |
| Security authentication | Supports HTTPS certificates, IP address blacklists and whitelists, authentication and authorization (including JSON Web Token (JWT), OpenID Connect (OIDC), and Identity as a Service (IDaaS)), and unusual traffic scrubbing. | Security Management |
| Observability | Monitor your gateway with global dashboards, gateway instance monitoring, log retrieval, business TOP lists, log delivery, Tracing Analysis, and alert management. | Observability and Analysis |
| Traffic governance | Configure throttling and degradation, service discovery, service routing, multiple registration centers, traffic tagging, and timeout settings. | Routing |
| Plug-in Marketplace | Use built-in plug-ins for authentication, authorization, traffic management, and security protection. Upload custom plug-ins to extend gateway capabilities. | Plug-in Marketplace |
| High availability | Built on Envoy. Supports overload protection, seamless publishing and unpublishing, multi-zone disaster recovery, elastic scaling, and automatic fault recovery. Service-Level Agreement (SLA) of up to 99.99%. | -- |
Billing
For more information, see Product Billing.
Activate Cloud Native API Gateway
Contact us
Join the DingTalk group (ID: 88010006189) or submit a ticket.