In Container Service for Kubernetes (ACK) managed clusters, ACK Serverless clusters, or ACS clusters, NGINX Ingress gateways and Microservices Engine (MSE) Ingress gateways can be used as ingress gateways. However, the features and use scenarios of NGINX Ingress gateways and MSE Ingress gateways are different. This topic compares NGINX Ingress gateways and MSE Ingress gateways in multiple dimensions, such as product positioning, product architecture, performance, and basic routing. The comparison helps you quickly understand the differences between the two types of gateways and select appropriate ingress gateways.
Gateway comparison
Comparison item | NGINX Ingress gateway | MSE Ingress gateway |
Product positioning |
|
|
Product architecture |
|
|
Performance |
|
|
Basic routing |
|
|
O&M |
|
|
Cloud-native integration | User-side components can be used together with container clusters such as Alibaba Cloud ACK managed clusters, ACK Serverless clusters, or ACS clusters. | User-side components can be used together with container clusters such as Alibaba Cloud ACK managed clusters, ACK Serverless clusters, or ACS clusters. Seamless conversions of NGINX Ingress annotations are supported. |
Typical scenarios |
|
|
Support for mainstream protocols |
|
|
Protocol conversion | Not supported |
|
Ingress support | Ingresses are supported. |
|
Configuration updates |
|
|
Service governance |
|
|
Security |
|
|
Authentication |
|
|
Scalability | Lua scripts are supported. |
|
Observability |
|
|
Ecosystem integration | Nginx Service Mesh | MSE Ingress gateways are integrated with Istio service mesh (De facto standard). |
Summary
NGINX Ingress gateways are Kubernetes Ingress gateways that are built based on open source NGINX gateways. NGINX Ingress gateways are widely used and have become the default Kubernetes Ingress gateways. NGINX Ingress gateways provide basic capabilities, such as the capabilities related to security, routing, and observability. NGINX Ingress gateways are more suitable for scenarios in which your service traffic and the requirements for security, scalability, and stability are low and manual O&M of gateways is allowed.
MSE Ingress gateways are high-performance, high-scalability, and high-integration ingress gateways that are built based on cloud-native gateways of MSE. MSE Ingress gateways provide features such as hardware acceleration, WAF local protection, and WebAssembly plug-in marketplace to help you build managed gateway middleware. The middleware offers the advantages of low costs, high performance, high scalability, and high integration. MSE Ingress gateways support multiple service discovery modes and multiple service canary release policies. In terms of observability, MSE Ingress gateways have end-to-end full-stack capabilities to provide access logs, tracing data, metrics, and alerts. If your service traffic and the requirements for security, scalability, and stability are high, we recommend that you use MSE Ingress gateways as ingress gateways.