云服务器vt

前言

API网关在项目中非常重要。

今天这篇文章跟大家一起聊聊工作最常用的6种网关，希望对你会有所帮助。

一、为什么需要API网关？

有些小伙伴在工作中可能会问：我们的系统直接调用微服务不是更简单吗？

为什么非要引入API网关这个"中间商"呢？

让我们先来看一个实际的例子。

没有网关的微服务困境

// 前端直接调用多个微服务 - 问题重重@RestControllerpublicclassFrontendController{// 问题1：服务地址硬编码@Value("${user.service.url:http://localhost:8081}")privateString userServiceUrl;@Value("${order.service.url:http://localhost:8082}")privateString orderServiceUrl;@AutowiredprivateRestTemplate restTemplate;@GetMapping("/user-dashboard")publicUserDashboard getUserDashboard(@RequestHeader("Authorization")String token) {// 问题2：每个服务都要重复认证逻辑if(!validateToken(token)) {thrownew UnauthorizedException("Token invalid"); }// 问题3：需要手动处理服务间调用顺序User user = restTemplate.getForObject(userServiceUrl +"/users/current", User.class);List orders = restTemplate.getForObject(orderServiceUrl +"/orders?userId="+ user.getId(), List.class);// 问题4：错误处理复杂if(user ==null|| orders ==null) {thrownew ServiceUnavailableException("Backend service unavailable"); }returnnew UserDashboard(user, orders); }// 问题5：重复的认证代码privateboolean validateToken(String token) {// 每个接口都要实现的认证逻辑returntoken !=null&& token.startsWith("Bearer "); } }

引入网关后的优雅架构

// 网关统一处理所有横切关注点@ConfigurationpublicclassGatewayConfig{@BeanpublicRouteLocator customRouteLocator(RouteLocatorBuilder builder) {returnbuilder.routes() .route("user_service", r -> r.path("/api/users/**") .uri("lb://user-service")) .route("order_service", r -> r.path("/api/orders/**") .uri("lb://order-service")) .route("product_service", r -> r.path("/api/products/**") .uri("lb://product-service")) .build(); } }// 前端只需调用网关@RestControllerpublicclassFrontendController{@AutowiredprivateRestTemplate restTemplate;@GetMapping("/api/user-dashboard")publicUserDashboard getUserDashboard() {// 网关已经处理了认证、路由、负载均衡等问题returnrestTemplate.getForObject("http://gateway/api/users/current/dashboard", UserDashboard.class);} }

API网关的核心价值

让我们通过架构图来理解网关在微服务架构中的关键作用：

网关解决的8大核心问题：

统一入口：所有请求都通过网关进入系统认证授权：集中处理身份验证和权限控制流量控制：限流、熔断、降级等 resiliency 模式监控统计：统一的日志、指标收集协议转换：HTTP/1.1、HTTP/2、gRPC 等协议适配缓存加速：响应缓存降低后端压力安全防护：WAF、防爬虫、防重放攻击服务治理：服务发现、负载均衡、路由转发

下面我们一起看看工作中最常见的6种API网关有哪些。

二、Spring Cloud Gateway

有些小伙伴在Spring技术栈中开发微服务，Spring Cloud Gateway 无疑是最自然的选择。

作为Spring官方推出的第二代网关，它基于WebFlux响应式编程模型，性能卓越。

核心架构深度解析

@ConfigurationpublicclassAdvancedGatewayConfig{@Bean@Order(-1)publicGlobalFilter customGlobalFilter() {return(exchange, chain) -> {// 前置处理long startTime = System.currentTimeMillis(); ServerHttpRequest request = exchange.getRequest();// 添加追踪IDString traceId = UUID.randomUUID().toString(); ServerHttpRequest mutatedRequest = request.mutate() .header("X-Trace-Id", traceId) .build();returnchain.filter(exchange.mutate().request(mutatedRequest).build()) .then(Mono.fromRunnable(() -> {// 后置处理long duration = System.currentTimeMillis() - startTime; log.info("Request {} completed in {}ms", traceId, duration); })); }; }@BeanpublicRouteLocator advancedRoutes(RouteLocatorBuilder builder) {returnbuilder.routes()// 用户服务 - 带熔断和重试.route("user_service", r -> r.path("/api/users/**") .filters(f -> f .circuitBreaker(config -> config .setName("userServiceCB") .setFallbackUri("forward:/fallback/user-service")) .retry(config -> config .setRetries(3) .setMethods(HttpMethod.GET, HttpMethod.POST) .setBackoff(100L,1000L,2,true)) .requestRateLimiter(config -> config .setRateLimiter(redisRateLimiter()) .setKeyResolver(apiKeyResolver())) .modifyRequestBody(String.class,String.class,(exchange, s) -> Mono.just(validateAndTransform(s)))) .uri("lb://user-service"))// 订单服务 - 带JWT认证.route("order_service", r -> r.path("/api/orders/**") .filters(f -> f .filter(jwtAuthenticationFilter()) .prefixPath("/v1") .addResponseHeader("X-API-Version","1.0")) .uri("lb://order-service"))// 商品服务 - 静态资源缓存.route("product_service", r -> r.path("/api/products/**") .filters(f -> f .dedupeResponseHeader("Cache-Control","RETAIN_FIRST") .setResponseHeader("Cache-Control","public, max-age=3600")) .uri("lb://product-service")) .build(); }@BeanpublicJwtAuthenticationFilter jwtAuthenticationFilter() {returnnew JwtAuthenticationFilter(); }@BeanpublicRedisRateLimiter redisRateLimiter() {returnnew RedisRateLimiter(10,20); }@BeanpublicKeyResolver apiKeyResolver() {returnexchange -> { String apiKey = exchange.getRequest().getHeaders().getFirst("X-API-Key");returnMono.just(Optional.ofNullable(apiKey).orElse("anonymous")); }; } }// JWT认证过滤器@ComponentclassJwtAuthenticationFilterimplementsGatewayFilter{@AutowiredprivateJwtUtil jwtUtil;@OverridepublicMono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) { String token = extractToken(exchange.getRequest());if(token ==null) {returnonError(exchange,"Missing authentication token", HttpStatus.UNAUTHORIZED); }try{ Claims claims = jwtUtil.parseToken(token); String username = claims.getSubject();// 将用户信息添加到headerServerHttpRequest mutatedRequest = exchange.getRequest().mutate() .header("X-User-Name", username) .header("X-User-Roles", String.join(",", claims.get("roles", List.class))).build();returnchain.filter(exchange.mutate().request(mutatedRequest).build()); }catch(Exception e) {returnonError(exchange,"Invalid token: "+ e.getMessage(), HttpStatus.UNAUTHORIZED); } }privateString extractToken(ServerHttpRequest request) { String bearerToken = request.getHeaders().getFirst("Authorization");if(StringUtils.hasText(bearerToken) && bearerToken.startsWith("Bearer ")) {returnbearerToken.substring(7); }returnnull; }privateMono<Void> onError(ServerWebExchange exchange, String err, HttpStatus status) { exchange.getResponse().setStatusCode(status); DataBuffer buffer = exchange.getResponse().bufferFactory() .wrap(("{"error":""+ err +""}").getBytes());returnexchange.getResponse().writeWith(Mono.just(buffer)); } }

Spring Cloud Gateway 执行流程

优点：

与Spring Cloud生态完美集成基于WebFlux，性能优秀功能丰富，支持过滤器和断言配置灵活，支持代码和配置文件两种方式

缺点：

对非Spring技术栈不友好学习曲线相对陡峭依赖Spring Cloud组件

使用场景：

Spring Cloud微服务架构需要深度定制网关逻辑团队熟悉Spring技术栈

三、Kong：企业级API网关标杆

有些小伙伴在企业级场景中需要更高的性能和更丰富的功能，Kong就是这样一个基于Nginx和OpenResty的高性能API网关。

Kong 配置实战

kong.yml - 声明式配置_format_version:"2.1"_transform:trueservices:-name:user-serviceurl:http://user-service:8080routes:-name:user-routepaths:["/api/users"]strip_path:trueplugins:-name:key-authconfig:key_names:["apikey"]hide_credentials:true-name:rate-limitingconfig:minute:10policy:redis-name:prometheusenabled:true-name:order-serviceurl:http://order-service:8080routes:-name:order-routepaths:["/api/orders"]methods:["GET","POST","PUT"]plugins:-name:corsconfig:origins:["https://example.com"]methods:["GET","POST","PUT"]headers:["Accept","Authorization","Content-Type"]-name:request-transformerconfig:add:headers:["X-From-Kong:true"]remove:headers:["User-Agent"]consumers:-username:mobile-appkeyauth_credentials:-key:mobile-key-123-username:web-appkeyauth_credentials:-key:web-key-456plugins:-name:ip-restrictionconfig:allow:["192.168.0.0/16","10.0.0.0/8"]-name:correlation-idconfig:header_name:"X-Request-ID"generator:"uuid"

自定义Kong插件开发

-- kong/plugins/request-validator/handler.lualocalBasePlugin =require"kong.plugins.base_plugin"localcjson =require"cjson"localRequestValidator = BasePlugin:extend()functionRequestValidator:new()RequestValidator.super.new(self,"request-validator")endfunctionRequestValidator:access(conf)RequestValidator.super.access(self)localheaders = kong.request.get_headers()localmethod = kong.request.get_method()localbody = kong.request.get_raw_body()-- API Key验证localapi_key = headers["X-API-Key"] ifnot api_keythenkong.response.exit(401, { message ="Missing API Key"})end-- 验证API Key格式ifnotstring.match(api_key,"^%x%x%x%-%x%x%x%-%x%x%x$")thenkong.response.exit(401, { message ="Invalid API Key format"})end-- 请求体验证ifmethod =="POST"ormethod =="PUT"thenifnot bodyorbody ==""thenkong.response.exit(400, { message ="Request body is required"})endlocalok, json_body =pcall(cjson.decode, body) ifnot okthenkong.response.exit(400, { message ="Invalid JSON format"})end-- 业务规则验证ifjson_body.amount andtonumber(json_body.amount) <=0thenkong.response.exit(400, { message ="Amount must be greater than 0"})endend-- 添加验证通过标记kong.service.request.set_header("X-Request-Validated","true") kong.service.request.set_header("X-API-Key", api_key)-- 记录审计日志kong.log.info("Request validated for API Key: ", api_key)endreturnRequestValidator

Kong 集群架构

优点：

基于Nginx，性能极高插件生态丰富支持集群部署成熟的监控和管理界面

缺点：

依赖数据库（PostgreSQL/Cassandra）插件开发需要Lua知识配置相对复杂

使用场景：

高并发企业级应用需要丰富插件功能的场景已有Kong技术栈的团队

四、Nginx：经典反向代理网关

有些小伙伴在传统架构或简单场景中，Nginx仍然是最可靠的选择。它虽然功能相对简单，但性能卓越且稳定。

Nginx 配置详解

nginx.conf - 生产环境配置http{基础配置sendfileon;tcp_nopushon;tcp_nodelayon;keepalive_timeout65;types_hash_max_size2048;日志格式log_formatmain $remote_addr - $remote_user [$time_local] "$request"$status$body_bytes_sent "$http_referer""$http_user_agent""$http_x_forwarded_for"rt=$request_time uct="$upstream_connect_time"uht="$upstream_header_time" urt="$upstream_response_time";上游服务配置upstreamuser_service {serveruser-service-1:8080 weight=3;serveruser-service-2:8080 weight=2;serveruser-service-3:8080 weight=1;健康检查checkinterval=3000 rise=2 fall=3 timeout=1000;}upstreamorder_service {serverorder-service-1:8080;serverorder-service-2:8080;会话保持hash$cookie_jsessionid;hash_again1;}upstreamproduct_service {serverproduct-service:8080;备份服务器serverbackup-product-service:8080 backup;}API网关配置server{listen80;server_nameapi.example.com;全局限流limit_req_zone$binary_remote_addr zone=api:10m rate=10r/s;用户服务路由location/api/users/ {limit_reqzone=api burst=20 nodelay;反向代理配置proxy_passhttp://user_service;proxy_set_headerHost $host;proxy_set_headerX-Real-IP $remote_addr;proxy_set_headerX-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_headerX-Forwarded-Proto $scheme;超时配置proxy_connect_timeout5s;proxy_read_timeout10s;proxy_send_timeout10s;重试机制proxy_next_upstreamerror timeout invalid_header http_500 http_502 http_503 http_504;proxy_next_upstream_tries3;proxy_next_upstream_timeout10s;缓存配置proxy_cacheapi_cache;proxy_cache_key"$scheme$request_method$host$request_uri";proxy_cache_valid200 302 5m;proxy_cache_valid404 1m;添加安全头add_headerX-Frame-Options DENY;add_headerX-Content-Type-Options nosniff;add_headerX-XSS-Protection "1; mode=block";}订单服务路由location/api/orders/ {JWT验证auth_request/auth;auth_request_set$user $upstream_http_x_user;proxy_set_headerX-User $user;proxy_passhttp://order_service;CORS配置if($request_method = OPTIONS) {add_headerAccess-Control-Allow-Origin *;add_headerAccess-Control-Allow-Methods GET, POST, OPTIONS;add_headerAccess-Control-Allow-Headers Authorization,Content-Type;add_headerAccess-Control-Max-Age 86400;return204;}}认证端点location=/auth {internal;proxy_passhttp://auth_service/validate;proxy_pass_request_bodyoff;proxy_set_headerContent-Length "";proxy_set_headerX-Original-URI $request_uri;}健康检查端点location/health {access_logoff;return200 "healthy ";add_headerContent-Type text/plain;}监控端点location/nginx-status {stub_statuson;access_logoff;allow192.168.0.0/16;denyall;}}}

Nginx 请求处理流程

优点：

性能极高，C语言编写配置相对简单资源消耗低社区成熟，资料丰富

缺点：

动态配置能力弱功能相对基础需要reload生效配置变更

使用场景：

高性能要求的简单路由静态资源服务传统架构升级

五、APISIX：云原生API网关新星

有些小伙伴在云原生环境中需要动态配置和高性能，APISIX就是这样一个基于etcd的云原生API网关。

APISIX 路由配置

apisix-config.yamlroutes:-uri:/api/users/*name:user-servicemethods:[GET,POST,PUT,DELETE]upstream:type:roundrobinnodes:user-service-1:8080:1user-service-2:8080:2user-service-3:8080:1plugins:proxy-rewrite:uri:"/users$1"limit-count:count:100time_window:60key:remote_addrrejected_code:503jwt-auth:key:user-servicesecret:my-secret-keyexp:86400-uri:/api/orders/*name:order-serviceupstream:type:chashkey:arg_user_idnodes:order-service-1:8080:1order-service-2:8080:1plugins:cors:allow_origins:"https://example.com"allow_methods:"GET,POST,PUT,DELETE"allow_headers:"*"response-rewrite:body:{"code": 0, "message": "success", "data": $body}fault-injection:abort:http_status:500body:"service unavailable"percentage:5-uri:/api/products/*name:product-serviceupstream:type:roundrobinnodes:product-service:8080:1plugins:proxy-cache:cache_key:["$uri","$args"]cache_zone:disk_cache_onecache_ttl:300uri-blocker:block_rules:["^/admin/",".php$"]rejected_code:403全局插件plugins:-name:prometheusenable:true-name:zipkinenable:trueconfig:endpoint:http://zipkin:9411/api/v2/spanssample_ratio:0.001

APISIX 插件开发

-- apisix/plugins/rate-limit-advanced/init.lualocalcore =require("apisix.core")localplugin_name ="rate-limit-advanced"localschema = {type="object", properties = { rate = {type="integer", minimum =1}, burst = {type="integer", minimum =0}, key = {type="string"}, window = {type="integer", minimum =1}, rejected_code = {type="integer", default =429}, rejected_msg = {type="string", default ="rate limit exceeded"} }, required = {"rate","key"} }local_M = { version =1.0, priority =1000, name = plugin_name, schema = schema, }function_M.check_schema(conf)returncore.schema.check(schema, conf)endfunction_M.access(conf, ctx)localkey = conf.keyifkey =="remote_addr"thenkey = ctx.var.remote_addrelseifkey =="server_addr"thenkey = ctx.var.server_addrendlocalrate = conf.ratelocalburst = conf.burst or0localwindow = conf.window or60-- 使用redis进行分布式限流localredis =require("resty.redis")localred = redis:new()localok, err = red:connect("127.0.0.1",6379) ifnot okthencore.log.error("failed to connect to redis: ", err) return500endlocalcurrent_time = ngx.now()localkey_name ="rate_limit:".. key-- 使用令牌桶算法localtokens = red:get(key_name)iftokensthentokens =tonumber(tokens)elsetokens = burstendlocallast_update = red:get(key_name ..":time")iflast_updatethenlast_update =tonumber(last_update)localelapsed = current_time - last_updatelocalnew_tokens = elapsed * rate / windowifnew_tokens >0thentokens =math.min(tokens + new_tokens, burst)endendiftokens <1thenred:setex(key_name ..":time", window, current_time)returnconf.rejected_code, conf.rejected_msgendtokens = tokens -1red:setex(key_name, window, tokens) red:setex(key_name ..":time", window, current_time)endreturn_M

优点：

配置热更新，无需重启性能卓越插件生态丰富云原生友好

缺点：

相对较新，生态不如Kong成熟依赖etcd学习成本较高

使用场景：

云原生环境需要动态配置的场景高性能要求的微服务架构

六、Zuul：Netflix经典网关

有些小伙伴在传统Spring Cloud项目中可能还在使用Zuul，虽然它已被Spring Cloud Gateway取代，但了解其原理仍有价值。

Zuul 过滤器实战

// Zuul前置过滤器 - 认证和限流@ComponentpublicclassAuthPreFilterextendsZuulFilter{@AutowiredprivateRateLimiterService rateLimiter;@AutowiredprivateJwtTokenProvider tokenProvider;@OverridepublicStringfilterType(){return"pre"; }@OverridepublicintfilterOrder(){return1; }@OverridepublicbooleanshouldFilter(){returntrue; }@OverridepublicObjectrun()throwsZuulException{ RequestContext ctx = RequestContext.getCurrentContext(); HttpServletRequest request = ctx.getRequest();// 1. 限流检查String clientId = getClientId(request);if(!rateLimiter.tryAcquire(clientId)) { ctx.setSendZuulResponse(false); ctx.setResponseStatusCode(429); ctx.setResponseBody("{"error": "Rate limit exceeded"}");returnnull; }// 2. JWT认证String token = extractToken(request);if(token ==null&& requiresAuth(request)) { ctx.setSendZuulResponse(false); ctx.setResponseStatusCode(401); ctx.setResponseBody("{"error": "Authentication required"}");returnnull; }if(token !=null) {try{ Claims claims = tokenProvider.parseToken(token); ctx.addZuulRequestHeader("X-User-Id", claims.getSubject()); ctx.addZuulRequestHeader("X-User-Roles", String.join(",", claims.get("roles", List.class))); }catch(Exception e) { ctx.setSendZuulResponse(false); ctx.setResponseStatusCode(401); ctx.setResponseBody("{"error": "Invalid token"}");returnnull; } }// 3. 添加追踪信息ctx.addZuulRequestHeader("X-Request-ID", UUID.randomUUID().toString()); ctx.addZuulRequestHeader("X-Forwarded-For", request.getRemoteAddr());returnnull; }privateStringgetClientId(HttpServletRequest request){ String apiKey = request.getHeader("X-API-Key");returnapiKey !=null? apiKey : request.getRemoteAddr(); }privateStringextractToken(HttpServletRequest request){ String bearerToken = request.getHeader("Authorization");if(bearerToken !=null&& bearerToken.startsWith("Bearer ")) {returnbearerToken.substring(7); }returnnull; }privatebooleanrequiresAuth(HttpServletRequest request){ String path = request.getRequestURI();return!path.startsWith("/api/public/") && !path.equals("/health") && !path.startsWith("/actuator/"); } }// Zuul后置过滤器 - 响应处理@ComponentpublicclassResponsePostFilterextendsZuulFilter{privatestaticfinalLogger logger = LoggerFactory.getLogger(ResponsePostFilter.class);@OverridepublicStringfilterType(){return"post"; }@OverridepublicintfilterOrder(){return1000; }@OverridepublicbooleanshouldFilter(){returntrue; }@OverridepublicObjectrun()throwsZuulException{ RequestContext ctx = RequestContext.getCurrentContext(); HttpServletRequest request = ctx.getRequest(); HttpServletResponse response = ctx.getResponse();longstartTime = (Long) ctx.get("startTime");longduration = System.currentTimeMillis() - startTime;// 记录访问日志logger.info("{} {} {} {} {}ms", request.getRemoteAddr(), request.getMethod(), request.getRequestURI(), response.getStatus(), duration);// 添加响应头response.setHeader("X-Response-Time", duration +"ms"); response.setHeader("X-API-Version","1.0");// 统一响应格式if(ctx.getResponseBody() !=null&& response.getContentType() !=null&& response.getContentType().contains("application/json")) { String originalBody = ctx.getResponseBody(); String wrappedBody ="{"code": 0, "data": "+ originalBody +", "timestamp": "+ System.currentTimeMillis() +"}"; ctx.setResponseBody(wrappedBody); }returnnull; } }

优点：

与Netflix集成良好过滤器机制灵活文档资料丰富

缺点：

性能较差（阻塞IO）已被Spring Cloud Gateway取代社区活跃度下降

使用场景：

遗留Spring Cloud项目Netflix技术栈非性能敏感场景

七、Traefik：云原生动态网关

有些小伙伴在容器化环境中需要自动服务发现，Traefik就是为云原生而生的动态网关。

Traefik 配置示例

traefik.yamlapi:dashboard:trueinsecure:trueentryPoints:web:address:":80"http:redirections:entryPoint:to:websecurescheme:httpswebsecure:address:":443"certificatesResolvers:myresolver:acme:email:admin@example.comstorage:/etc/traefik/acme.jsonhttpChallenge:entryPoint:webproviders:docker:endpoint:"unix:///var/run/docker.sock"exposedByDefault:falsefile:filename:/etc/traefik/dynamic.yamlwatch:truelog:level:INFOaccessLog:filePath:"/var/log/traefik/access.log"bufferingSize:100metrics:prometheus:entryPoint:websecure动态配置dynamic.yamlhttp:middlewares:认证中间件auth-middleware:basicAuth:users:-"admin:$2y$05$YOUR_HASHED_PASSWORD"限流中间件rate-limit-middleware:rateLimit:burst:100period:1m重试中间件retry-middleware:retry:attempts:3熔断中间件circuit-breaker-middleware:circuitBreaker:expression:"NetworkErrorRatio() > 0.5"压缩中间件compress-middleware:compress:{}routers:用户服务路由user-service:rule:"PathPrefix(`/api/users`)"entryPoints:-websecuremiddlewares:-rate-limit-middleware-compress-middlewareservice:user-servicetls:certResolver:myresolver订单服务路由order-service:rule:"PathPrefix(`/api/orders`)"entryPoints:-websecuremiddlewares:-auth-middleware-rate-limit-middleware-circuit-breaker-middlewareservice:order-servicetls:certResolver:myresolverservices:user-service:loadBalancer:servers:-url:"http://user-service-1:8080"-url:"http://user-service-2:8080"healthCheck:path:/healthinterval:10stimeout:5sorder-service:loadBalancer:servers:-url:"http://order-service-1:8080"-url:"http://order-service-2:8080"

优点：

自动服务发现配置简单云原生友好内置监控和Dashboard

缺点：

功能相对简单性能不如Nginx系网关高级功能需要企业版

使用场景：

容器化环境需要自动服务发现的场景快速原型开发

八、6大网关对比

通过前面的分析，我们现在对这六种API网关有了深入的了解。

让我们通过一个全面的对比来帮助大家做出正确的技术选型。

详细对比表格

选型决策指南

选择Spring Cloud Gateway当：

技术栈以Spring为主需要深度定制网关逻辑已经使用Spring Cloud组件团队熟悉响应式编程

选择Kong当：

企业级高并发场景需要丰富插件生态有专业运维团队需要成熟的管理界面

选择Nginx当：

性能要求极高场景相对简单团队熟悉Nginx资源受限环境

选择APISIX当：

云原生环境需要动态配置追求最新技术高性能要求

选择Zuul当：

维护遗留Spring Cloud项目Netflix技术栈非性能敏感场景

选择Traefik当：

容器化部署需要自动服务发现快速开发部署配置简单要求

总结

通过本文的介绍，我们对6种主流API网关有了全面的认识。

在选择网关时需要考虑以下关键因素：

技术栈匹配：选择与团队技术栈最匹配的方案性能要求：根据业务并发量选择性能合适的网关功能需求：评估需要的功能特性，如限流、认证、监控等运维成本：考虑部署、监控、维护的复杂度团队能力：评估团队对网关技术的掌握程度

核心建议

新项目优先考虑：Spring Cloud Gateway（Spring技术栈）或 APISIX（云原生）高并发场景：Kong 或 Nginx快速原型：Traefik遗留系统：根据现有技术栈选择

记住，没有最好的网关，只有最合适的网关。

合理的网关选型可以大大提升系统的可维护性、可扩展性和性能表现。

来源：https://mp.weixin.qq.com/s/JYuuIDx-xpM5yFVp5h_3jw

云6服务器