MSE cloud-native gateways are compatible with Kubernetes (K8s) Ingresses. They support multiple service discovery methods, such as Container Service for Kubernetes (ACK) and Nacos, and provide a rich set of security and O&M capabilities. This topic describes the features of cloud-native gateways.
Features
You can learn about cloud-native gateways from the following perspectives: creating gateways, associating services, configuring routes, monitoring and alerting, and security integration.
Create a gateway
Feature | Description |
Creating a gateway: Assessing the capabilities of a Cloud-Native Gateway | Review the benchmark data for gateway instances with different specifications and node counts to select the appropriate instance type. |
Create a cloud-native gateway based on your existing microservice environment. | |
If your cloud-native gateway is a subscription instance, you can renew it. | |
If the current specifications of your gateway instance do not meet your business requirements, you can upgrade the instance specifications. | |
Associate one or more public or private Server Load Balancer (SLB) instances with a gateway instance as needed. |
Associate services
Feature | Description |
When you associate a cloud-native gateway with an ACK cluster, the gateway automatically discovers the services deployed in the cluster and their endpoints. | |
When you associate a cloud-native gateway with an MSE Nacos registry, the gateway automatically discovers services from the specified namespace. | |
Select the services to subscribe to from the associated service sources. | |
For services without an automatic discovery mechanism, manually add their backend endpoints to the gateway. | |
Set service versions for services added to the gateway. Service versioning is used in scenarios such as canary releases, tag-based routing, and high availability (HA) deployments. |
Configure routes
Feature | Description |
Associate multiple domain names with your gateway, in addition to the default wildcard (*) domain name. | |
Configure routing rules that direct traffic to a single backend service. | |
Configure routing rules that direct traffic to multiple backend services. | |
Configure tag-based routing rules. | |
Configure routing rules that return a mock response. | |
Configure throttling policies for gateway routes. | |
Configure request and response header policies for gateway routes. | |
Configure path and host rewrite policies for gateway routes. | |
For routes that require cross-origin access, configure suitable cross-origin resource sharing (CORS) policies. |
Monitor and alert
Feature | Description |
View global data for the cloud-native gateway. | |
View monitoring data for gateway instances. | |
View the top workload rankings for the cloud-native gateway. | |
View access log information for the cloud-native gateway. | |
Enable Tracing Analysis on the cloud-native gateway and use it with backend services to achieve end-to-end observability. | |
Enable log delivery to send gateway logs to your Simple Log Service (SLS) service. This lets you build custom log processing applications. | |
Configure alert policies based on the observability metrics of your cloud-native gateway. |
Security integration
Feature | Description |
Configure HTTPS certificates for the default wildcard (*) domain name or other associated domain names. | |
Configure an IP address blacklist for the cloud-native gateway. | |
Integrate your custom-built authentication and authorization service with the cloud-native gateway. | |
Configure JSON Web Token (JWT) authentication and authorization for the cloud-native gateway. | |
Configure OpenID Connect (OIDC) authentication and authorization for the cloud-native gateway. | |
Configure Identity as a Service (IDaaS) authentication and authorization for the cloud-native gateway. |