Driving the Future: How APISIX Ingress Controller Empowers Horizon Robotics

Jing Yan

Jing Yan

October 10, 2022

Case Study

Overview

About Horizon Robotics

Horizon Robotics is a top-notch provider of energy-efficient computing solutions for advanced driver assistance systems (ADAS) and automated driving (AD) in regular cars. The enterprise focuses on improving the driving experience for the next generation by combining advanced hardware and software, including low-power hardware computing solutions and open software development tools.

Challenges

  • Horizon Robotics's previous ingress controller, Traefik 1.x, could not support granular configuration.

  • Traefik 1.x lacked specific rules for visual configuration and thus could not pinpoint specific services.

  • Horizon Robotics's original configuration files were limited, requiring time-consuming documentation searches and maintenance.

Results

  • By appropriately adjusting parameters, Horizon Robotics enhanced data transmission stability and reduced the occurrence of out-of-memory (OOM) and similar issues.

  • Horizon Robotics improved resource utilization and promoted collaboration across multiple cloud platforms.

  • Utilizing APISIX's forward-auth plugin for external authentication, Horizon Robotics simplified gRPC invocations and improved monitoring efficiency.

  • Horizon Robotics enhanced its monitoring and operational efficiency by activating the prometheus plugin and tailoring it to meet specific business requirements.

Background

In the era of autonomous driving and new energy technologies, companies like Horizon Robotics have heavily invested in developing and training autonomous driving models. With deep learning algorithms and chip design expertise, Horizon Robotics focuses on innovative automotive computing platforms. They have launched hardware like the Horizon Journey Series for intelligent driving, the Sunrise Series for versatile robotics, and a cross-platform AI development tool. "This growth has heightened the importance of their gateway," noted Xin Zhang, the Cloud-Native Development Engineer at Horizon Robotics.

Why APISIX Ingress Controller

Before implementing the APISIX Ingress Controller, Horizon Robotics's business system utilized Traefik 1.x as its ingress controller, which presented several challenges.

  • Traefik 1.x limited the company to using plugins for all rules within the ingress controller without the flexibility for more detailed configurations.

  • Traefik 1.x couldn't directly identify services based on request URLs in web browsers.

  • Traefik 1.x's default configuration file (ConfigMap) had a limited set of attributes, which meant frequent references to the official documentation for default settings. This issue was further complicated by parameter discrepancies with NGINX's default configuration, making maintenance more challenging.

"Facing those problems, our tech team decided it was time to replace our ingress controller," says Zhang. "We initially thought about upgrading Traefik to version 2.0 to fix these issues, but this upgrade meant adopting a new CRD and dealing with some hefty migration costs. Therefore, we tried to explore other ingress controller options as well."

Horizon Robotics primarily evaluated Apache APISIX, Kong, and Envoy in the initial selection phase. However, to varying degrees, except for the APISIX Ingress Controller, these alternative solutions could not fully cater to the specific requirements of functionality or performance. As a result, Horizon Robotics ultimately opted for the APISIX Ingress Controller. Beyond some standard features of the gateways, Horizon Robotics held a particular interest in the following aspects:

  • Extensive Plugin Support: APISIX boasts a robust ecosystem of plugins, which can be conveniently configured using apisix-ingress-controller. These plugins can also be tailored for specific backends under ApisixRoute.

  • User-Friendly Visual Configuration: The APISIX Dashboard provides a clear view of each apisix route. In cases where the same domain is configured across multiple namespaces or YAML files, the integrated APISIX Dashboard can allow Horizon Robotics to quickly pinpoint potential conflicts by searching for path prefixes.

  • Fine-Grained Validation: The APISIX Ingress Controller rigorously validates the resources declared in the CRD it manages. If an invalid service is specified in the CRD, an error message is recorded in the ApisixRoute event, preventing the change from taking effect. This validation helps mitigate issues stemming from misconfigurations.

  • Diverse Feature Set: APISIX offers many features, including support for hot updates and plugins, request rewriting, multiple authentication methods, multi-language plugin development, etc.

  • Active Community Engagement: Unlike other open-source communities, APISIX benefits from a vibrant community of maintainers and contributors actively participating on Slack, GitHub, and the mailing list.

  • Impressive Performance: The chart below clearly illustrates that APISIX outperforms Envoy by approximately 20% in the stress test. This performance difference becomes more pronounced with an increase in CPU cores.

Ingress Controller

Apache APISIX Ingress Controller Successes

Centralized Traffic Hub Enhancement

Horizon Robotics has achieved a notable feat by employing the APISIX Ingress Controller as the central gateway for incoming traffic from various sources, such as command-line tools, web applications, SaaS platforms, and OpenAPI. The company also ensured secure access to its services using the forward-auth plugin for external authentication.

Architecture1

This innovative architecture effectively channels incoming traffic through the domain name within the gateway layer. Initial routing through the Linux Virtual Server (LVS) simplifies the forwarding process, directing traffic to the backend APISIX node. Subsequently, APISIX efficiently distributes traffic to the appropriate pods, adhering to predefined routing rules. Notably, the adjustment to the default port of the APISIX Ingress Controller from 9180 to 80 further streamlines traffic routing, enhancing the overall efficiency of the system's traffic management.

Architecture2

Significant Efficiency Improvement

Companies engaged in AI model training often encounter scenarios requiring oversized file uploads. "In our Horizon Robotics model training system, the R&D team uploads collected data to the system via the network, and the data size is typically several hundred GB or more," says Zhang. To tackle this challenge, Horizon Robotics implemented APISIX 2.13 with adjusted parameters and enabled APISIX's streaming upload for the files. This step ensured seamless uploads of large files and mitigated memory-related issues. As a result, Horizon Robotics' AI model training projects saw a notable improvement in efficiency, allowing smoother technological progress.

Oversized

Strategic Multi-Cloud Optimization

In multi-cloud service interactions, some business traffic initially lands at Horizon Robotics' local IDC. From there, it passes through the APISIX Ingress Controller before reaching the Pod. Within the Pod, certain services need to access Acloud's services using domain names. This step allowed these services to seamlessly navigate across various cloud providers utilized by Horizon Robotics, providing access to essential resources while optimizing resource utilization. Furthermore, some scenarios where services invoke other services also exist, mainly for multi-cloud training, enabling different services to collaborate in assisting Horizon Robotics with more complex tasks. Also, Horizon Robotics can choose the appropriate cluster and submit tasks to the corresponding cloud clusters through their local IDC entry point. This capability empowered them to efficiently manage and distribute tasks, fully leveraging the computational resources in their multi-cloud environment.

Multi-cloud

Streamlined Plugin Integration

After APISIX thoughtfully integrated support for the forward-auth plugin, Horizon Robotics made the strategic decision to transition from its custom plugin to APISIX's official plugin. This shift eliminated the need for an additional layer of gRPC calls and significantly streamlined the company's monitoring processes. Consequently, this enhancement greatly bolstered integration flexibility and heightened security measures, ultimately reinforcing Horizon Robotics' position in robotics technology.

forward-auth

Advanced Application Monitoring

To make the most of APISIX's powerful features, Horizon Robotics has activated the prometheus plugin for application monitoring. Horizon Robotics has conducted customized adjustments and optimizations to suit its business requirements, including boosting real-time concurrency, QPS, APISIX's real-time API success rate, and APISIX's real-time bandwidth. Those changes provided Horizon Robotics with more granular monitoring of APISIX.

Application Monitoring

Summary

Horizon Robotics has effectively utilized the Apache APISIX Ingress Controller in critical business scenarios, increasing efficiency and adaptability. They streamlined oversized file uploads for AI model training, optimized multi-cloud service interactions, simplified external authentication, and implemented tailored application monitoring. These enhancements have notably advanced Horizon Robotics' technology and operations.

As more users incorporate Apache APISIX Ingress Controller into their production environments, we encourage those utilizing Apache APISIX Ingress Controller to share their use cases within the community.

Tags:
APISIX Ingress ControllerArtificial IntelligenceAuto