CommunityBiweekly Report (Feb 27 - Mar 12)From 2.27 to 3.12, 29 contributors submitted 74 commits for Apache APISIX. Thank you for your contributions to Apache APISIX.
EcosystemgRPC on the client sideMost inter-systems communication components that use REST serialize their payload in JSON. As of now, JSON lacks a widely-used schema validation standard: JSON Schema is not widespread. Standard schema validation allows delegating the validation to a third-party library and being done with it. Without one, we must fall back to manual validation in the code. Worse, we must keep the validation code in sync with the schema.XML has schema validation out-of-the-box: an XML document can declare a grammar that it must conform to. SOAP, being based on XML, benefits from it too.Other serialization alternatives have a schema validation option: e.g., Avro, Kryo and Protocol Buffers. Interestingly enough, gRPC uses Protobuf to offer RPC across distributed components:
CommunityRelease Apache APISIX 3.2.0As the first LTS version since the 3.0 version, APISIX 3.2.0 is officially released! This release is a significant milestone for the 3.x era to replace the 2.x era.
EcosystemAuthenticate with OpenID Connect and Apache APISIXLots of companies are eager to provide their identity provider: Twitter, Facebook, Google, etc. For smaller businesses, not having to manage identities is a benefit. However, we want to avoid being lo...
EcosystemMake your security policy auditableLast week, I wrote about putting the right feature at the right place. I used rate limiting as an example, moving it from a library inside the application to the API Gateway. Today, I'll use another example: authentication and authorization.
CommunityBiweekly Report (Feb 13 - Feb 26)From 2.13 to 2.26, 23 contributors submitted 51 commits for Apache APISIX. Thank you for your contributions to Apache APISIX.
EcosystemThe right feature at the right placeBefore moving to Developer Relations, I transitioned from Software Architect to Solution Architect long ago. It's a reasonably common career move. The problem in this situation is two-fold:You know perfectly well software librariesYou don't know well infrastructure componentsIt seems logical that people in this situation try to solve problems with the solutions they are most familiar with. However, it doesn't mean it's the best approach. It's a bad one in most cases.
EcosystemSecuring Admin Access to Apache APISIXAPI Gateways are critical components in one's infrastructure. If an attacker could change the configuration of routes, they could direct traffic to their infrastructure. Consequences could range from ...
EcosystemHow to Integrate API Gateway and Consul? Not Consul K/VApache APISIX supports the Consul service discovery registry. This article will walk you through the process of implementing service discovery and service registry in Apache APISIX.