This guide helps you understand the core differences between Serverless instances and dedicated instances of Cloud-native API Gateway, so you can choose the right instance type for your business needs.
Serverless instances are currently in public beta and free during this period. Cost comparisons are not covered in this document. Refer to the official commercial pricing announcement for final pricing.
Instance overview
Cloud-native API Gateway offers two instance types:
Instance type | Resource model | Use cases | SLA |
Serverless instance | Platform-managed, auto-scaling | Variable traffic / Small-to-medium scale / Quick start | 99.9% |
Dedicated instance | Exclusive physical resources | High-frequency steady-state / Compliance audit / Deep customization | 99.99% |
Core differences
Resources and isolation
Dimension | Serverless instance | Dedicated instance |
Compute resources | Platform-managed multi-tenant shared pool | Exclusive physical resources |
Ingress | Tenant-independent | Tenant-independent |
Failure domain | Pool-level isolation | Instance-level isolation |
Neighbor impact | Minimal (independent NLB + platform rate limiting protection) | None |
Capability comparison
Capability | Serverless instance | Dedicated instance |
API routing (REST / HTTP) | Supported | Supported |
Built-in policies (rate limiting, timeout, retry, CORS, header rewrite, IP blacklist/whitelist) | Supported | Supported |
Consumer management (API Key / JWT / HMAC) | Supported | Supported |
Global authentication and authorization | Not yet supported, planned | Supported |
Container Service / Nacos service source | Supported | Supported |
FC / SAE service source | Not yet supported, planned | Supported |
Health check (active + passive) | Not yet supported, planned | Supported |
Plug-in marketplace | Partial support | Supported |
Custom plug-ins | Not supported | Supported |
WAF protection | Not yet supported, planned | Supported |
Default alerting | Not yet supported, planned | Supported |
Nginx Ingress migration | Not yet supported, planned | Supported |
Tracing | Supported | Supported |
Server-side mTLS mutual authentication | Supported | Supported |
Client-side mTLS mutual authentication | Not yet supported, planned | Supported |
Auto-scaling | Supported | Manual scaling |
Instance specification scaling | Not applicable | Supported |
Engine version upgrade | Platform-managed | Supported |
Custom engine parameters | Not supported, platform defaults applied | Supported |
Operations and delivery
Dimension | Serverless instance | Dedicated instance |
Instance creation | Seconds | Minutes |
Operations overhead | Fully maintenance-free | Requires operations (scaling / restart / upgrade) |
Instance restart | Platform-managed | User-initiated |
Scaling | Auto-scaling | Manual operation |
Load and scale
Dimension | Serverless instance | Dedicated instance |
Suitable workload | Low-frequency / Burst / Highly variable peak-to-trough | High-frequency / Steady-state / Long-term |
Recommendations by business profile
Business profile | Recommended type | Key reason |
Individual developer / Learning and trial | Serverless instance | Instant setup, free during public beta |
Demo / PoC | Serverless instance | Instant setup, zero maintenance |
Internal tools / Admin systems | Serverless instance | Low traffic, lightweight capability needs |
Small-to-medium front-end business | Serverless instance | Start maintenance-free, evaluate upgrade when traffic stabilizes |
Business with highly variable peak-to-trough traffic | Serverless instance | Auto-scaling, no manual capacity planning |
High-frequency steady-state business | Dedicated instance | Deterministic resources, not relying on Serverless auto-scaling |
Finance / Government enterprise core systems | Dedicated instance | Physical isolation, compliance audit, deep customization |
Need custom plug-ins | Dedicated instance | Serverless instance does not support custom plug-ins |
Need higher SLA | Dedicated instance | SLA 99.99% |
Typical scenario recommendations
Scenarios recommended for Serverless instances
Sandbox / Test environments: Maintenance-free + auto-scaling, no ongoing operations cost during idle periods.
Long-tail / Low-frequency business: Single-service QPS < 100, daily call volume < 1 million, capability needs focused on routing, rate limiting, and consumer authentication.
Quick validation scenarios: Want instant setup, zero maintenance, and focus on the business itself.
Scenarios recommended for dedicated instances
Steady-state high QPS: QPS is stable and high-volume.
Compliance and data isolation: Finance, government, and healthcare scenarios requiring physical isolation and audit trails.
Deep customization needs: Custom engine parameters, custom plug-ins.
Core transaction links: Require maximum stability and failure domain isolation.
Upgrade paths
Path | Supported? | Description |
Serverless instance → Dedicated instance | Auto migration not supported | Users can manually rebuild using API export/import capabilities |
Dedicated instance → Serverless instance | Auto migration not supported | Capabilities will downgrade; evaluate whether your business can align with the Serverless instance capability range |
Determine the instance type based on your business scale and capability needs at purchase. If future growth is uncertain, start with a Serverless instance and plan upgrades based on actual traffic and capability requirements.
FAQ
Is the Serverless instance ingress shared?
No. Each Serverless instance has an independent ingress endpoint, ensuring traffic isolation and tenant-level SLA. Only the platform-managed gateway engine compute pool is shared.
How significant is the SLA difference between Serverless and dedicated instances?
99.9% translates to a maximum of approximately 43 minutes of downtime per month; 99.99% translates to approximately 5 minutes. The independent NLB plus pool-level disaster recovery of Serverless instances covers the vast majority of business scenarios.
Is it feasible to migrate from a dedicated instance to a Serverless instance?
Auto migration is not currently provided, and you must first confirm that all capabilities your business depends on are supported by Serverless instances.
Are Serverless instances charged during the public beta period?
The public beta period is completely free. All billing items are not charged (except for public network traffic). Notification will be sent before the transition to commercial use, and final pricing will be based on the official announcement.
Will currently unsupported capabilities be added to Serverless instances later?
Some capabilities will be gradually added in subsequent versions (such as WAF, alerting, plug-ins, etc.). Some capabilities will not be introduced due to the Serverless multi-tenant architecture constraints (such as custom plug-ins, custom engine parameters). If you definitively need these capabilities, choose a dedicated instance.
Do Serverless instances support HTTPS and custom certificates?
Yes. You can associate certificates from the Digital Certificate Management Service through the console, and you can also upload your own certificates.