What Is ADC?
ADC (APISIX Declarative CLI), introduced by API7.ai, is a declarative configuration tool aimed at assisting users in implementing GitOps capabilities in non-Kubernetes environments. Users can seamlessly integrate it into their CI/CD pipelines to manage the lifecycle of APIs, facilitating updates and releases.
In its current iteration, ADC has been integrated with APISIX to facilitate the export and synchronization of APISIX resources.
What Is API7 Enterprise?
API7 Enterprise is built on APISIX, providing enhanced API management capabilities, including gateway grouping and service versioning, aiming to offer a comprehensive API management solution for enterprises. There are some differences compared to GitOps-based API management, as users can effortlessly manage API7 Enterprise functionalities through a Web UI interface.
Some users eagerly desire to adopt GitOps mode in API7 Enterprise to better manage the API full lifecycle. They aim to store all API definitions as declarative configuration files and ensure the correctness of API declarations through code review mechanisms on Pull Requests. They also utilize CI in the repository to preview API deployments in the development environment before releasing them to the production environment.
ADC has established a framework for managing declarative configurations and completed change detection and synchronization tasks on API resources. Therefore, it's obvious that the support of ADC in API7 Enterprise will become a development direction.
New Features of ADC 0.7 Version
In order to support API7 Enterprise, several key improvements to ADC have been introduced into ADC, as outlined below.
API7 Enterprise's Backend
We have released a new version of ADC with preliminary support for its usage on the API7 Enterprise backend. Core functionalities such as dump
, diff
, and sync
are now available on the API7 Enterprise backend.
With this new backend support, users can directly export API resources from APISIX and synchronize them with API7 Enterprise, facilitating the migration of old configurations from APISIX to fully leverage the powerful enterprise-grade features provided by API7 Enterprise.
Gateway Group
API7 Enterprise offers advanced management capabilities for multiple gateway instances. Users can allocate gateway instances to different gateway groups to achieve isolation of configurations in different environments. For example, different gateway clusters can be created for development and production purposes, allowing a service to be separately published to different gateway groups to meet different requirements. In addition to services, global plugins, and TLS certificates are also managed through gateway groups.
Gateway group management is a key new feature of API7 Enterprise, and ADC provides support for it. When using ADC core commands, users can specify a command-line flag named gateway-group
, which instructs ADC to retrieve and synchronize user-specified resources from that gateway group.
Resource Filtering Based on Labels
In previous versions of ADC, API configurations were fully pulled and synchronized from the Admin API. However, even if we made minor modifications to API configurations, the system still required us to provide all declarative configuration files, even if some of them had not changed. Failure to provide these unchanged configuration files would lead the system to consider resources listed in the Admin API but not provided on the command line as deleted, resulting in their removal from the production environment. This could compromise the expected configuration state and affect traffic processing, which is not desirable.
To address this issue, we now provide a label-based resource filter. This filter allows users to specify one or more label key-value pairs that must be met by resources through a command-line flag named label-selector
. Any local and remote resources that do not meet the requirements of this label filter will be ignored, effectively preventing accidental disruption of gateway configurations.
Outlook for New Features
In addition to the new features mentioned above, we are still exploring new areas to enhance ADC functionality and provide greater value to users. Some examples include:
Providing a plugin mechanism to allow users to customize API gateway backends. Users can export ADC declarative configurations from any API gateway and define API configurations through ADC for deployment to any API gateway.
Offering scriptable programming capabilities to provide hooks for users to inspect and modify ADC configurations at specific stages. This will help implement security baseline checks for certain APIs and prevent common insecure scenarios.
Providing API definition converters other than OpenAPI to enrich the API tool ecosystem that ADC can leverage.
ADC 0.7 is only available for internal use within API7 Enterprise and has not been publicly released. This feature will be contributed to the open-source community Apache APISIX in the second quarter of this year.