Container Service for Kubernetes (ACK) clusters or ACK Serverless clusters can use NGINX Ingress gateways or Microservices Engine (MSE) Ingress gateways as Ingress gateways. The features and use scenarios of NGINX Ingress gateways and MSE Ingress gateways are different. This topic compares NGINX Ingress gateways and MSE Ingress gateways in multiple dimensions, such as product positioning, product architecture, performance, and basic routing. The comparison helps you quickly understand the differences between the two types of Ingress gateways and select appropriate Ingress gateways.
NGINX Ingress gateway
MSE Ingress gateway
User-side components can be used together with container services such as Alibaba Cloud ACK or ACK Serverless.
User-side components can be used together with container services such as Alibaba Cloud ACK or ACK Serverless. Seamless conversions of NGINX Ingress annotations are supported.
Support for mainstream protocols
Ingresses are supported.
Lua scripts are supported.
NGINX Ingress gateways are integrated with NGINX Service Mesh.
MSE Ingress gateways are integrated with Istio service mesh (De facto standard).
NGINX Ingress gateways are Kubernetes Ingress gateways that are built based on open source NGINX. NGINX is widely used, and NGINX Ingress gateways have become the default Kubernetes Ingress gateways, which provide basic capabilities, such as the capabilities related to security, routing, and observability. NGINX Ingress gateways are suitable for scenarios in which your service traffic and the requirements for security, scalability, and stability are low and manual O&M is allowed for gateways.
MSE Ingress gateways are high-performance, high-scalability, and high-integration Ingress gateways that are built based on cloud-native gateways of MSE. MSE Ingress gateways provide features such as hardware acceleration, WAF local protection, and WebAssembly plug-in marketplace to help you develop managed gateway middleware. The middleware offers advantages of low costs, high performance, high scalability, and high integration. MSE Ingress gateways support multiple service discovery modes and multiple service canary release policies. In terms of observability, MSE Ingress gateways have end-to-end full-stack capabilities to provide access logs, tracing data, metrics, and alerts. If your service traffic and the requirements for security, scalability, and stability are high, we recommend that you use MSE Ingress gateways as Ingress gateways.