<!-- # # Licensed to the Apache Software Foundation (ASF) under one or more # contributor license agreements. See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to You under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # -->

Apache APISIX API Gateway ｜ AI Gateway

<img src="./logos/apisix-white-bg.jpg" alt="APISIX logo" height="150px" align="right" />

Apache APISIX is a dynamic, real-time, high-performance API Gateway.

APISIX API Gateway provides rich traffic management features such as load balancing, dynamic upstream, canary release, circuit breaking, authentication, observability, and more.

APISIX can serve as an AI Gateway through its flexible plugin system, providing AI proxying, load balancing for LLMs, retries and fallbacks, token-based rate limiting, and robust security to ensure the efficiency and reliability of AI agents. APISIX also provides the mcp-bridge plugin to seamlessly convert stdio-based MCP servers to scalable HTTP SSE services.

You can use APISIX API Gateway to handle traditional north-south traffic, as well as east-west traffic between services. It can also be used as a k8s ingress controller.

The technical architecture of Apache APISIX:

Community

• Kindly Write a Review for APISIX in G2.
• Mailing List: Mail to dev-subscribe@apisix.apache.org, follow the reply to subscribe to the mailing list.
• Slack Workspace - invitation link (Please open an issue if this link is expired), and then join the #apisix channel (Channels -> Browse channels -> search for "apisix").
• - follow and interact with us using hashtag #ApacheAPISIX
• Documentation
• Discussions
• Blog

Features

You can use APISIX API Gateway as a traffic entrance to process all business data, including dynamic routing, dynamic upstream, dynamic certificates, A/B testing, canary release, blue-green deployment, limit rate, defense against malicious attacks, metrics, monitoring alarms, service observability, service governance, etc.

• All platforms

  • Cloud-Native: Platform agnostic, No vendor lock-in, APISIX API Gateway can run from bare-metal to Kubernetes.
  • Supports ARM64: Don't worry about the lock-in of the infra technology.

• Multi protocols

  • TCP/UDP Proxy: Dynamic TCP/UDP proxy.
  • Dubbo Proxy: Dynamic HTTP to Dubbo proxy.
  • Dynamic MQTT Proxy: Supports to load balance MQTT by client_id, both support MQTT 3.1.*, 5.0.
  • gRPC proxy: Proxying gRPC traffic.
  • gRPC Web Proxy: Proxying gRPC Web traffic to gRPC Service.
  • gRPC transcoding: Supports protocol transcoding so that clients can access your gRPC API by using HTTP/JSON.
  • Proxy Websocket
  • Proxy Protocol
  • HTTP(S) Forward Proxy
  • SSL: Dynamically load an SSL certificate
  • HTTP/3 with QUIC

• Full Dynamic

  • Hot Updates And Hot Plugins: Continuously updates its configurations and plugins without restarts!
  • Proxy Rewrite: Support rewrite the host, uri, schema, method, headers of the request before send to upstream.
  • Response Rewrite: Set customized response status code, body and header to the client.
  • Dynamic Load Balancing: Round-robin load balancing with weight.
  • Hash-based Load Balancing: Load balance with consistent hashing sessions.
  • Health Checks: Enable health check on the upstream node and will automatically filter unhealthy nodes during load balancing to ensure system stability.
  • Circuit-Breaker: Intelligent tracking of unhealthy upstream services.
  • Proxy Mirror: Provides the ability to mirror client requests.
  • Traffic Split: Allows users to incrementally direct percentages of traffic between various upstreams.

• Fine-grained routing

  • Supports full path matching and prefix matching
  • Support all Nginx built-in variables as conditions for routing, so you can use cookie, args, etc. as routing conditions to implement canary release, A/B testing, etc.
  • Support various operators as judgment conditions for routing, for example {"arg_age", ">", 24}
  • Support custom route matching function
  • IPv6: Use IPv6 to match the route.
  • Support TTL
  • Support priority
  • Support Batch Http Requests
  • Support filtering route by GraphQL attributes

• Security

  • Rich authentication & authorization support:
    • key-auth
    • JWT
    • basic-auth
    • wolf-rbac
    • casbin
    • keycloak
    • casdoor
  • IP Whitelist/Blacklist
  • Referer Whitelist/Blacklist
  • IdP: Support external Identity platforms, such as Auth0, okta, etc..
  • Limit-req
  • Limit-count
  • Limit-concurrency
  • Anti-ReDoS(Regular expression Denial of Service): Built-in policies to Anti ReDoS without configuration.
  • CORS Enable CORS(Cross-origin resource sharing) for your API.
  • URI Blocker: Block client request by URI.
  • Request Validator
  • CSRF Based on the Double Submit Cookie way, protect your API from CSRF attacks.

• OPS friendly

  • Zipkin tracing: Zipkin
  • Open source APM: support Apache SkyWalking
  • Works with external service discovery: In addition to the built-in etcd, it also supports Consul, Consul_kv, Nacos, Eureka and Zookeeper (CP).
  • Monitoring And Metrics: Prometheus
  • Clustering: APISIX nodes are stateless, creates clustering of the configuration center, please refer to etcd Clustering Guide.
  • High availability: Support to configure multiple etcd addresses in the same cluster.
  • Dashboard
  • Version Control: Supports rollbacks of operations.
  • CLI: start\stop\reload APISIX through the command line.
  • [Standalone](docs/e