We have the requirement for publishing our service to public more urgent as the rapid bussiness explosion. So, Guardian comes up. As a API gateway, guardian is a edge service, provide single entry to access backend service. Guardian designed for protecting backend service.
Guardian has the following features:
- API Lifecycle Management
- Support API define, release, downline.
- Support API's version management, version rollback.
- Dynamic Routing
- Support ant-style URL mapping, dynamic routing to origin server.
- Support upstream healthcheck.
- Dynamic Filters
Support dynamic loading filter, no need to restart application.
- Traffic Control
- Flow control can be used to control the visited frequency of the API, the request frequency of the APP, and the request frequency of the user.
- The time unit of flow control can be minutes, hours, and days.
- Request Verification
- Support parameter type, parameter value (range, enumeration, regular) check, invalid check will be directly rejected, to reduce the waste of resources caused by invalid requests to the backend.
- Data Transform
Pre- and post-end data translation is implemented by configuring mapping rules.
-
Support for data conversion of front-end requests.
-
Support for data conversion that returns results.
-
Botblocker
Provider a basic anti-replite filter.
- Safety
- Support AppKey, OpenID-Connect authentication, support HMAC (SHA-1, SHA-256) algorithm for signature.
- Anti-attack, anti-injection, request anti-replay, request anti-tampering.
- Real-time Monitor
- Provide visual API real-time monitoring.
- Configurable warning mode (SMS, Email), subscribe to warning information.
See the 中文文档 for Chinese document.
- Open platform gateway
- Microservice gateway
Guardian Adapted zuul's filter design, below image shows zuul request lifecycle, filter is everywhere.
Guardian introduced the Servlet 3.0 asynchronous feature,which can hold more requests.
