CommunityRelease Apache APISIX 3.9.0We are glad to present Apache APISIX 3.9.0 with exciting new features, bug fixes, and other improvements to user experiences.
CommunityMonthly Report (June 01 - June 30)We have recently made some additions and improvements to specific features within Apache APISIX. These include replacing YAML parser tinyyaml with lyaml, and supporting storing certificates and private keys on SSL through Secret Manager. For detailed information, please read the monthly report.
EcosystemDynamic watermarking with imgproxy and Apache APISIXLast week, I described how to add a dynamic watermark to your images on the JVM. I didn't find any library, so I had to develop the feature, or, more precisely, an embryo of a feature, by myself. Depending on your tech stack, you must search for an existing library or roll up your sleeves. For example, Rust offers such an out-of-the-box library. Worse, this approach might be impossible to implement if you don't have access to the source image.Another alternative is to use ready-made components, namely imgproxy and Apache APISIX. I already combined them to resize images on-the-fly.
EcosystemRandom and fixed routes with Apache APISIXMy ideas for blog posts inevitably start to dry up after over two years at Apache APISIX. Hence, I did some triage on the APISIX repo. I stumbled upon this one question:
EcosystemEven more OpenTelemetry!I continue to work on my Opentelemetry demo. Its main idea is to showcase traces across various technology stacks, including asynchronous communication via an MQTT queue. This week, I added a couple of components and changed the architecture. Here are some noteworthy learnings; note that some of them might not be entirely connected to OpenTelemetry.
EcosystemHardening Apache APISIX with the OWASP's Coraza and Core RulesetThe Open Worldwide Application Security Project is an online community that produces freely available articles, methodologies, documentation, tools, and technologies in the fields of IoT, system software and web application security. The OWASP provides free and open resources. It is led by a non-profit called The OWASP Foundation. The OWASP Top 10 - 2021 is the published result of recent research based on comprehensive data compiled from over 40 partner organizations.--OWASP websiteThe OWASP regularly publishes a Top 10 vulnerability report. The report targets vulnerabilities in web applications.In this post, I'd like to describe how to fix some of them via the Apache APISIX API Gateway.
Case StudiesHow to Supercharge Large-Scale Video Operations with APISIXAuthor: Yu Xia, Senior DevOps Engineer at Migu Video Construction and Operation Center. This article is based on a presentation given by Yu Xia at the APISIX Shanghai Meetup in November 2023.
EcosystemAnnouncing Integration between Apache APISIX and open-appsec WAFWe are excited to announce a new integration between Apache APISIX and open-appsec WAF, combining the power of a dynamic API gateway with cutting-edge application security.
CommunityRelease Apache APISIX 3.11.0We are glad to present Apache APISIX 3.11.0 with exciting new features, bug fixes, and other improvements to user experiences.
CommunityMonthly Report (September 01 - September 30)We have recently made some additions and improvements to specific features within Apache APISIX. The main improvements include the addition of attach-consumer-label, ai-prompt-decorator, and ai-proxy plugins, as well as support for GCP Secret Manager, among other enhancements. For detailed information, please read the monthly report.
CommunityMonthly Report (August 01 - August 31)We have recently made some additions and improvements to specific features within Apache APISIX. The main improvements include adding ai-prompt-template plugin and supporting AWS Secrets Manager. For ...
CommunityRelease Apache APISIX 3.10.0We are glad to present Apache APISIX 3.10.0 with exciting new features, bug fixes, and other improvements to user experiences.
EcosystemFree tier API with Apache APISIXLots of service providers offer a free tier of their service. The idea is to let you kick their service's tires freely. If you need to go above the free tier at any point, you'll likely stay on the service and pay. In this day and age, most services are online and accessible via an API. Today, we will implement a free tier with Apache APISIX.
CommunityMonthly Report (July 01 - July 31)We have recently made some additions and improvements to specific features within Apache APISIX. The main improvement is moving the default values from config-default.yaml to a hardcoded Lua file. For detailed information, please read the monthly report.
EcosystemDifferentiating rate limits in Apache APISIXIn my talk Evolving your APIs, I mention that an API Gateway is a Reverse Proxy "on steroids". One key difference between the former and the latter is that the API Gateway is not unfriendly to busines...
EcosystemAdvanced URL rewriting with Apache APISIXI spoke at Swiss PgDay in Switzerland in late June. The talk was about how to create a no-code API with the famous PostgreSQL database, the related PostgREST, and Apache APISIX, of course. I already wrote about the idea in a previous post. However, I wanted to improve it, if only slightly.PostgREST offers a powerful SELECT mechanism. To list all entities with a column equal to a value, you need the following command:
