中文(UAPI API 网关)
UAPI 提供 API 网关能力,用于统一管理与发布后端服务接口,实现鉴权、限流、路由、监控与日志等能力,提升 API 的安全性与可运维性。
适用场景
- 多微服务统一入口(BFF/Gateway)
- 对外开放 API:统一鉴权、配额、限流
- 灰度/路由:按路径/版本转发到不同后端
核心能力(以实际产品为准)
- 认证鉴权:API Key/JWT/签名等(视支持)
- 限流与防刷:按 IP/用户/接口限速
- 路由与转发:路径匹配、重写、后端负载(可配合 ULB)
- 监控与日志:请求统计、错误率、访问日志(可配合 ULog/UES)
举例:对外开放一个订单查询接口
- 后端服务:
http://order-svc.internal:8080 - 在网关发布路径:
GET /api/v1/orders/{id} - 开启鉴权:要求请求头
X-API-Key - 开启限流:每个 Key 每秒 20 次
- 对外域名:
https://api.example.com(配合 USSL 开启 HTTPS)
最佳实践
- 将后端服务保持内网访问,公网只暴露网关
- 为接口定义统一错误码与超时策略,便于排障
English (UAPI)
UAPI is an API gateway for centralized API publishing and management—authentication, rate limiting, routing, monitoring, and logging—improving security and operability.
Use cases
- Single entry for microservices
- Public APIs with unified auth and quotas
- Routing/gray releases by path/version
Key capabilities (depending on offering)
- Auth (API keys/JWT/signature, if supported)
- Rate limiting and abuse protection
- Routing/forwarding and integrations with load balancers
- Metrics and access logs (with ULog/UES)
Example: Expose an order query API
- Backend:
http://order-svc.internal:8080 - Gateway route:
GET /api/v1/orders/{id} - Require
X-API-Key - Rate limit: 20 rps per key
- Public domain with HTTPS
