ADR 014: Select API-Management Solution
Date: 2025-09-18
Status: Accepted
Decision Makers: @DerLinne @luckey @cr0ssing
Context
We need a central API-Management, which is powerful to fulfill all requirements and is open-source. In civitas v1, Apache APISIX was used for this. Although APISIXs documentation is not always completely intuitive, the solution is very powerful and versatile.
Checked Architecture Principles
- [full] Model-centric data flow – Configurable-as-code via API or CRDs (not preferred)
- [full] Distributed architecture with unified user experience
- [full] Modular design - very good integratable with other components of the platform like: Keycloak, prometheus, loki, …
- [full] Integration capability through defined interfaces
- [full] Open source as the default – Fully open source managed by Apache Foundation.
- [full] Cloud-native architecture – Official containers, Kubernetes-ready, supports HA and horizontal scaling.
- [full] Prefer standard solutions over custom development
- [full] Self-contained deployment
- [full] Technological consistency to ensure maintainability
- [full] Multi-tenancy – Realms enable strong tenant isolation
- [full] Security by design
Decision
APISIX should be used as API-Managmenent. It worked very well in v1, is well maintained, and still satisfies all our required features. It is fully manageable at runtime via API and therefor very well integratable.
Consequences
All external interfaces are routed over APISIX. External UI Components without own OIDC Integration, should use the same way.
Alternatives
- Kong: Also powerful, but a bit more commercial character
See also
- Ticket #147