CommunityBiweekly Report (Mar 13 - Mar 26)From 3.13 to 3.26, 25 contributors submitted 54 commits for Apache APISIX. Thank you for your contributions to Apache APISIX.
EcosystemmTLS everywhereSecurity in one's information system has always been among the most critical Non-Functional Requirements. Transport Secure Layer, aka TLS, formerly SSL, is among its many pillars. In this post, I'll show how to configure TLS for Apache APISIX.
CommunityBiweekly Report (Feb 27 - Mar 12)From 2.27 to 3.12, 29 contributors submitted 74 commits for Apache APISIX. Thank you for your contributions to Apache APISIX.
EcosystemgRPC on the client sideMost inter-systems communication components that use REST serialize their payload in JSON. As of now, JSON lacks a widely-used schema validation standard: JSON Schema is not widespread. Standard schema validation allows delegating the validation to a third-party library and being done with it. Without one, we must fall back to manual validation in the code. Worse, we must keep the validation code in sync with the schema.XML has schema validation out-of-the-box: an XML document can declare a grammar that it must conform to. SOAP, being based on XML, benefits from it too.Other serialization alternatives have a schema validation option: e.g., Avro, Kryo and Protocol Buffers. Interestingly enough, gRPC uses Protobuf to offer RPC across distributed components:
CommunityRelease Apache APISIX 3.2.0As the first LTS version since the 3.0 version, APISIX 3.2.0 is officially released! This release is a significant milestone for the 3.x era to replace the 2.x era.
EcosystemAuthenticate with OpenID Connect and Apache APISIXLots of companies are eager to provide their identity provider: Twitter, Facebook, Google, etc. For smaller businesses, not having to manage identities is a benefit. However, we want to avoid being lo...
EcosystemMake your security policy auditableLast week, I wrote about putting the right feature at the right place. I used rate limiting as an example, moving it from a library inside the application to the API Gateway. Today, I'll use another example: authentication and authorization.
CommunityBiweekly Report (Feb 13 - Feb 26)From 2.13 to 2.26, 23 contributors submitted 51 commits for Apache APISIX. Thank you for your contributions to Apache APISIX.
EcosystemThe right feature at the right placeBefore moving to Developer Relations, I transitioned from Software Architect to Solution Architect long ago. It's a reasonably common career move. The problem in this situation is two-fold:You know perfectly well software librariesYou don't know well infrastructure componentsIt seems logical that people in this situation try to solve problems with the solutions they are most familiar with. However, it doesn't mean it's the best approach. It's a bad one in most cases.
