# apache/apisix **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/apache-apisix).** 16,226 stars · 2,786 forks · Lua · apache-2.0 ## Links - GitHub: https://github.com/apache/apisix - Homepage: https://apisix.apache.org/blog/ - awesome-repositories: https://awesome-repositories.com/repository/apache-apisix.md ## Topics `api` `api-gateway` `api-management` `apigateway` `apis` `apisix` `cloud-native` `devops` `docker` `iot` `kubernetes` `kubernetes-ingress` `kubernetes-ingress-controller` `loadbalancing` `luajit` `microservices` `nginx` `reverse-proxy` `serverless` `service-mesh` ## Description This project is a high-performance, distributed API gateway designed to manage, secure, and observe traffic for microservices, serverless functions, and artificial intelligence model providers. It functions as a dynamic service proxy and cloud-native ingress controller, centralizing policy enforcement and traffic routing through a unified configuration interface that synchronizes state across multiple nodes in real time. The platform distinguishes itself through a highly extensible architecture that utilizes a high-performance scripting engine to execute modular logic directly within the request lifecycle. It provides specialized capabilities for modern AI workflows, including model request proxying, token-based budget enforcement, content moderation, and agentic workflow tracing. Furthermore, it supports complex multi-protocol environments by bridging diverse communication standards, including gRPC and various binary protocols, without requiring additional sidecar processes. Beyond its core proxying functions, the gateway offers a comprehensive suite of traffic management and security tools. It handles authentication and authorization through multiple strategies, including token validation and identity provider integration, while maintaining granular control over TLS policies and secret management. The system also provides robust observability through distributed tracing, metrics exporting, and detailed request logging, ensuring visibility into both standard API traffic and complex AI-driven interactions. The software is designed for containerized environments and can be deployed using standard container images, with full support for translating Kubernetes ingress resources into live routing rules. ## Tags ### DevOps & Infrastructure - [API Gateways](https://awesome-repositories.com/f/devops-infrastructure/api-gateways.md) — Manages, secures, and observes traffic for microservices, serverless functions, and AI model providers. - [Ingress Controllers](https://awesome-repositories.com/f/devops-infrastructure/ingress-controllers.md) — Routes external requests into Kubernetes clusters using standard ingress resources and custom definitions. - [Kubernetes Traffic Controllers](https://awesome-repositories.com/f/devops-infrastructure/kubernetes-traffic-controllers.md) — Translates standard ingress resources and custom definitions into live traffic routing rules for containerized environments. ([source](https://apisix.apache.org/learning-center/apisix-vs-kong)) - [AI Model Load Balancers](https://awesome-repositories.com/f/devops-infrastructure/traffic-load-balancers/ai-model-load-balancers.md) — Distributes requests across multiple AI model providers using latency and cost-aware load balancing. ([source](https://apisix.apache.org/ai-gateway/)) - [Traffic Control](https://awesome-repositories.com/f/devops-infrastructure/api-service-management/service-mesh/traffic-control.md) — Manages traffic flow and service stability through request rate control and circuit breaking logic. ([source](https://apisix.apache.org/plugins/)) - [Dynamic Configuration Engines](https://awesome-repositories.com/f/devops-infrastructure/configuration-management/dynamic-runtime-injectors/dynamic-configuration-engines.md) — Updates routing rules, certificates, and plugin behaviors in real-time without requiring service restarts. ([source](https://cdn.jsdelivr.net/gh/apache/apisix@master/README.md)) - [SSL Termination Proxies](https://awesome-repositories.com/f/devops-infrastructure/sidecar-proxies/ssl-termination-proxies.md) — Terminates encrypted SSL/TLS connections at the gateway to offload cryptographic processing from backend services. ([source](https://apisix.apache.org/learning-center/what-is-an-api-gateway/)) - [Traffic Load Balancers](https://awesome-repositories.com/f/devops-infrastructure/traffic-load-balancers.md) — Distributes traffic across backend service instances by continuously monitoring health status and applying weighted routing algorithms. - [API Traffic Management](https://awesome-repositories.com/f/devops-infrastructure/api-service-management/api-management/api-traffic-management.md) — Splits traffic between different service versions to enable canary deployments and controlled rollouts. ([source](https://apisix.apache.org/learning-center/what-is-an-api-gateway/)) - [Automated Service Reliability](https://awesome-repositories.com/f/devops-infrastructure/devops/operational-reliability/automated-service-reliability.md) — Automates service health monitoring and recovery by retrying requests or switching to backup providers upon failure. ([source](https://apisix.apache.org/ai-gateway/)) - [Distributed](https://awesome-repositories.com/f/devops-infrastructure/rate-limiters/distributed.md) — Maintains consistent rate limiting across multiple gateway nodes by synchronizing request counts via external storage. ([source](https://apisix.apache.org/docs/apisix/plugins/limit-count/)) - [Service Discovery](https://awesome-repositories.com/f/devops-infrastructure/service-discovery.md) — Detects available service endpoints and their health status from external registries to ensure traffic is routed to functional instances. ([source](https://apisix.apache.org/learning-center/api-gateway-for-microservices)) - [API Billing Services](https://awesome-repositories.com/f/devops-infrastructure/api-billing-services.md) — Facilitates tiered service plans and billing by grouping API users into distinct entities with unique credentials. ([source](https://apisix.apache.org/learning-center/api-monetization-guide)) - [Containerized Deployments](https://awesome-repositories.com/f/devops-infrastructure/containerized-deployments.md) — Installs on infrastructure using pre-built container images to simplify setup and ensure compatibility. ([source](https://apisix.apache.org/blog/2022/06/07/installation-performance-test-of-apigateway-apisix-on-aws-graviton3)) - [Serverless Function Management](https://awesome-repositories.com/f/devops-infrastructure/serverless-function-management.md) — Proxies requests to cloud-native serverless platforms to execute custom logic as dynamic upstream targets. ([source](https://apisix.apache.org/plugins/)) ### Artificial Intelligence & ML - [AI Security Gateways](https://awesome-repositories.com/f/artificial-intelligence-ml/ai-security-gateways.md) — Routes, monitors, and throttles requests to large language models while enforcing token-based usage and security policies. - [AI Observability Tracing](https://awesome-repositories.com/f/artificial-intelligence-ml/ai-observability-tracing.md) — Correlates individual model calls and tool invocations into logs to provide visibility into AI agent reasoning chains. ([source](https://apisix.apache.org/learning-center/mcp-protocol-ai-gateway)) - [Prompt Augmenters](https://awesome-repositories.com/f/artificial-intelligence-ml/retrieval-augmented-generation-pipelines/prompt-augmenters.md) — Retrieves relevant information from external data sources and injects it into prompts to improve generated output accuracy. ([source](https://apisix.apache.org/docs/apisix/plugins/ai-rag/)) - [AI Service Integrations](https://awesome-repositories.com/f/artificial-intelligence-ml/ai-service-integrations.md) — Proxies requests to language model providers while adding features like token-based rate limiting, prompt decoration, and content moderation. ([source](https://apisix.apache.org/plugins/)) - [Enterprise AI Integration Tools](https://awesome-repositories.com/f/artificial-intelligence-ml/enterprise-ai-integration-tools.md) — Connects language models to internal data sources to ground generated responses in specific organizational context. ([source](https://apisix.apache.org/ai-gateway/)) ### Business & Productivity Software - [AI Token Budget Controllers](https://awesome-repositories.com/f/business-productivity-software/financial-operational-management/billing-financial-systems/billing-and-usage/budget-cap-configurations/ai-token-budget-controllers.md) — Enforces token-based budget caps on AI model requests to prevent excessive spending. ([source](https://apisix.apache.org/learning-center/mcp-protocol-ai-gateway)) - [Usage Metering & Quotas](https://awesome-repositories.com/f/business-productivity-software/usage-metering-quotas.md) — Enforces API usage quotas per consumer to ensure subscription compliance and prevent service abuse. ([source](https://apisix.apache.org/learning-center/api-monetization-guide)) ### Networking & Communication - [Model Request Proxies](https://awesome-repositories.com/f/networking-communication/model-request-proxies.md) — Routes incoming API requests to various language model and embedding providers by transforming configurations into provider-specific formats. ([source](https://apisix.apache.org/docs/apisix/plugins/ai-proxy/)) - [Dynamic Service Proxies](https://awesome-repositories.com/f/networking-communication/network-infrastructure-routing/network-infrastructure-configuration/network-infrastructure/dynamic-service-proxies.md) — Functions as a programmable proxy that applies policies and routes traffic without requiring service restarts. - [Distributed State Management](https://awesome-repositories.com/f/networking-communication/distributed-systems-p2p/distributed-computing/data-synchronization-consistency/distributed-state-management.md) — Synchronizes configuration and rate-limiting state across multiple nodes to ensure consistent traffic control. - [Service Traffic Routing](https://awesome-repositories.com/f/networking-communication/network-infrastructure-routing/network-routing-traffic-management/network-traffic-management/service-traffic-routing.md) — Routes traffic dynamically to upstream services based on request headers or cookies to support canary releases. ([source](https://cdn.jsdelivr.net/gh/apache/apisix@master/README.md)) - [Circuit Breakers](https://awesome-repositories.com/f/networking-communication/traffic-management-gateways/circuit-breakers.md) — Implements circuit breaking to stop traffic to unhealthy services and prevent cascading failures. ([source](https://apisix.apache.org/learning-center/what-is-an-api-gateway/)) - [Traffic Proxying](https://awesome-repositories.com/f/networking-communication/traffic-proxying.md) — Terminates gRPC connections to apply security, rate limiting, and observability policies while preserving streaming semantics. ([source](https://apisix.apache.org/learning-center/what-is-grpc)) - [API Gateway Configurations](https://awesome-repositories.com/f/networking-communication/api-integration-frameworks/api-management-integration/api-gateways/api-gateway-configurations.md) — Provides a unified interface to create, update, and query gateway configurations including routes and services. ([source](https://apisix.apache.org/docs/apisix/admin-api/)) - [Tracing Context Propagation](https://awesome-repositories.com/f/networking-communication/tracing-context-propagation.md) — Injects standard headers into requests to track their path across services, enabling end-to-end visibility into latency and flows. ([source](https://apisix.apache.org/learning-center/api-gateway-for-microservices)) - [Protocol Bridges](https://awesome-repositories.com/f/networking-communication/transport-bridges/protocol-bridges.md) — Proxies and transcodes traffic between diverse communication standards to enable connectivity across heterogeneous architectures. - [Protocol Gateways](https://awesome-repositories.com/f/networking-communication/protocol-gateways.md) — Routes and load balances traffic for specialized communication protocols to ensure reliable connectivity across diverse backend architectures. ([source](https://apisix.apache.org/plugins/)) ### Software Engineering & Architecture - [Lua-Based Plugin Architectures](https://awesome-repositories.com/f/software-engineering-architecture/software-architecture/architectural-patterns/plugin-module-systems/modular-plugin-architectures/plugin-based-architectures/plugin-based-architectures/lua-based-plugin-architectures.md) — Executes modular logic within the request lifecycle by embedding a high-performance scripting engine directly into the proxy process. - [Plugin Execution Engines](https://awesome-repositories.com/f/software-engineering-architecture/plugin-execution-engines.md) — Executes modular logic at specific stages of the request lifecycle to extend gateway functionality. ([source](https://apisix.apache.org/docs/apisix/architecture-design/apisix/)) - [API Aggregators](https://awesome-repositories.com/f/software-engineering-architecture/api-aggregators.md) — Combines responses from multiple backend services into a single unified response to reduce client-side complexity. ([source](https://apisix.apache.org/learning-center/api-gateway-for-microservices)) ### Data & Databases - [Distributed Key-Value Stores](https://awesome-repositories.com/f/data-databases/distributed-key-value-stores.md) — Propagates routing rules and policy updates to all gateway nodes in real time using a shared distributed key-value store. - [Response Caching](https://awesome-repositories.com/f/data-databases/response-caching.md) — Stores and serves results for repeated or similar prompts to reduce latency and minimize operational costs. ([source](https://apisix.apache.org/learning-center/mcp-protocol-ai-gateway)) - [API Response Caching](https://awesome-repositories.com/f/data-databases/api-response-caching.md) — Stores backend responses at the gateway layer to serve repeat requests faster and reduce upstream processing load. ([source](https://apisix.apache.org/learning-center/what-is-an-api-gateway/)) - [Protocol Buffers](https://awesome-repositories.com/f/data-databases/data-serialization-formats/binary-serialization-protocols/protocol-buffers.md) — Stores and manages binary serialization definitions to facilitate communication and transcoding for high-performance remote procedure call services. ([source](https://apisix.apache.org/docs/apisix/admin-api/)) - [JSON Message Serializers](https://awesome-repositories.com/f/data-databases/data-serialization-formats/json-serialization/json-message-serializers.md) — Maps RESTful HTTP endpoints and JSON payloads to binary methods and messages to serve existing clients. ([source](https://apisix.apache.org/learning-center/what-is-grpc)) ### Security & Cryptography - [Authentication Enforcement Policies](https://awesome-repositories.com/f/security-cryptography/authentication-enforcement-policies.md) — Applies security, authentication, and rate-limiting logic at the gateway layer to decouple cross-cutting concerns from backend services. - [Content Moderation](https://awesome-repositories.com/f/security-cryptography/content-moderation.md) — Inspects prompts and responses for policy violations or malicious injection attempts to ensure consistent security enforcement. ([source](https://apisix.apache.org/learning-center/mcp-protocol-ai-gateway)) - [API Request Authentication](https://awesome-repositories.com/f/security-cryptography/identity-access-management/authentication-strategies/machine-and-protocol-identity/api-machine-authentication/api-request-authentication.md) — Verifies consumer identity using keys or tokens to link incoming traffic to specific billing accounts and usage records. ([source](https://apisix.apache.org/learning-center/api-monetization-guide)) - [Mutual TLS Authentication](https://awesome-repositories.com/f/security-cryptography/identity-access-management/authentication-strategies/machine-and-protocol-identity/specialized-authentication-protocols/mutual-tls-authentication.md) — Enforces mutual TLS authentication for incoming client connections to ensure secure, identity-verified communication. ([source](https://apisix.apache.org/learning-center/api-gateway-authentication)) - [Access Control and Authorization](https://awesome-repositories.com/f/security-cryptography/identity-access-management/authentication-strategies/authorization-and-user-administration/access-control-authorization.md) — Issues and verifies access tokens using standard grant types to ensure secure resource access for authorized clients. ([source](https://apisix.apache.org/docs/apisix/plugins/openid-connect/)) - [OIDC Authentication Plugins](https://awesome-repositories.com/f/security-cryptography/oidc-authentication-plugins.md) — Validates incoming requests against external identity providers and manages session state to control access to protected upstream resources. ([source](https://apisix.apache.org/docs/apisix/plugins/openid-connect/)) - [JSON Web Tokens](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-vulnerabilities/authentication-session-flaws/json-web-tokens.md) — Verifies the digital signature and claims of self-contained tokens to ensure stateless identity verification for incoming requests. ([source](https://apisix.apache.org/learning-center/api-gateway-authentication)) - [Concurrent Authentication Methods](https://awesome-repositories.com/f/security-cryptography/authentication-systems/concurrent-authentication-methods.md) — Applies multiple authentication strategies to a single route to support complex migration paths or diverse client requirements. ([source](https://apisix.apache.org/learning-center/api-gateway-authentication)) - [Cross-Origin Resource Sharing Policies](https://awesome-repositories.com/f/security-cryptography/cross-origin-resource-sharing-policies.md) — Manages cross-origin requests by defining allowed origins and permissions to control how browsers interact with protected resources. ([source](https://apisix.apache.org/docs/apisix/plugins/cors/)) - [Cross-Site Request Forgery Protections](https://awesome-repositories.com/f/security-cryptography/cross-site-request-forgery-protections.md) — Generates and validates security tokens to protect state-changing API operations from unauthorized cross-site request forgery attacks. ([source](https://apisix.apache.org/learning-center/api-gateway-security)) - [Mutual TLS Configurations](https://awesome-repositories.com/f/security-cryptography/mutual-tls-configurations.md) — Configures distinct mutual TLS requirements for individual routes to enable flexible security enforcement across different service endpoints. ([source](https://apisix.apache.org/learning-center/what-is-mutual-tls)) - [Secret Management Integrations](https://awesome-repositories.com/f/security-cryptography/secret-management-integrations.md) — Integrates with external secret management systems to securely store and retrieve sensitive credentials used by the gateway. ([source](https://apisix.apache.org/docs/apisix/admin-api/)) - [Session Token Refreshers](https://awesome-repositories.com/f/security-cryptography/session-token-refreshers.md) — Exchanges expired access tokens for new ones using refresh tokens to maintain continuous client access. ([source](https://apisix.apache.org/docs/apisix/plugins/openid-connect/)) ### System Administration & Monitoring - [Multi-Protocol Proxy Managers](https://awesome-repositories.com/f/system-administration-monitoring/administrative-operations/linux-system-administration/networking/proxy-management-systems/multi-protocol-proxy-managers.md) — Provides centralized management for diverse proxy standards and protocols to bridge incompatible service architectures. - [Monitoring and Observability](https://awesome-repositories.com/f/system-administration-monitoring/monitoring-and-observability.md) — Collects and exports metrics, logs, and distributed tracing data to monitor backend service performance. - [Distributed Tracing](https://awesome-repositories.com/f/system-administration-monitoring/monitoring-and-observability/observability-platforms/distributed-tracing-execution-analysis/distributed-tracing.md) — Sends request telemetry to compatible collectors to visualize and analyze the lifecycle of requests across microservices. ([source](https://apisix.apache.org/docs/apisix/plugins/zipkin/)) - [Metrics Exporters](https://awesome-repositories.com/f/system-administration-monitoring/metrics-exporters.md) — Sends request and response performance data to monitoring servers to track latency, request counts, and traffic volume. ([source](https://apisix.apache.org/docs/apisix/plugins/datadog/)) - [Request Logs](https://awesome-repositories.com/f/system-administration-monitoring/request-logs.md) — Records detailed usage data such as token counts and response latency into access logs for auditing and performance analysis. ([source](https://apisix.apache.org/docs/apisix/plugins/ai-proxy/)) ### Programming Languages & Runtimes - [Event-Driven Loops](https://awesome-repositories.com/f/programming-languages-runtimes/runtime-execution-environments/runtime-environments/runtimes/asynchronous-execution-engines/event-driven-loops.md) — Handles incoming traffic through a non-blocking event loop that enables high-concurrency proxying and low-latency request transformation. ### Development Tools & Productivity - [Plugin Execution Engines](https://awesome-repositories.com/f/development-tools-productivity/plugin-execution-engines.md) — Executes external logic as sidecar processes to extend gateway functionality beyond built-in features. ([source](https://apisix.apache.org/docs/)) ### Web Development - [Request Body Handling](https://awesome-repositories.com/f/web-development/request-body-handling.md) — Modifies request headers, bodies, or protocols before they reach the backend and adjusts responses before they are returned to the client. ([source](https://apisix.apache.org/learning-center/what-is-an-api-gateway/)) - [Request Integrity Verification](https://awesome-repositories.com/f/web-development/api-management-tools/api-request-handling/request-integrity-verification.md) — Compares hash-based message authentication codes between the client and the gateway to ensure data integrity and authenticity. ([source](https://apisix.apache.org/learning-center/api-gateway-authentication)) - [Backend-to-Frontend Bridges](https://awesome-repositories.com/f/web-development/backend-to-frontend-bridges.md) — Converts browser-based requests into native remote procedure calls to allow frontend applications to communicate directly with backend services. ([source](https://apisix.apache.org/learning-center/what-is-grpc))