Zuplo vs. Solo API Gateway
Zuplo is redefining what it means to be an API Management platform and is an alternative to Solo API Gateway. With Zuplo, you can easily build and share quality APIs with other developers. Compare features, pricing, deployment options, and customizability below.
Overview#
As an alternative to Solo.io, developers choose Zuplo’s API management platform for a frictionless and fully managed experience, with simple deployment options, programmability, and automatic Stripe-quality documentation for API consumers.
What is Solo.io?#
Solo.io is a SaaS provider of “API gateway and service mesh solutions” with multiple products for IT operations teams looking to implement security and governance in a Kubernetes/cloud native environment. The Gloo Gateway handles millions of daily requests, prevents data loss, and works with existing GitOps or CI/CD pipelines to deploy your infrastructure and applications.
What is Zuplo?#
Zuplo is a fully managed API management platform for craftspeople shipping public APIs. Developers and engineers effortlessly launch new API gateways to 300+ edge data centers worldwide, then enable policies like API key authentication and rate limiting in a single click. With an obsession for removing friction, Zuplo is GitOps-ready, OpenAPI-native, programmable, and automatically deploys Stripe-quality developer portals to win over your API consumers.
What are the key differences?#
We love that Solo.io’s Gloo platform is built heavily on open source technology, like Envoy and Istio, and that they don’t restrict your API gateway deployments to certain cloud providers or lock you into a single region. They’ve done great work for operators, working within enterprises, who need to scale and govern their cloud native workloads.
Zuplo, on the other hand, is built for developers and engineers who need to ship APIs fast on a hassle-free API gateway… without sacrificing their API-first culture or their familiar tools and proven workflows.
This foundational differences between Zuplo vs. Solo.io and its Gloo platform become clear in a few ways:
- Self-hosted vs. fully managed
- Managing Kubernetes manifests vs. shipping and perfecting APIs
- The (lack of) developer portals
Self-hosted vs. fully managed#
You’re here because you need a platform that helps you, above all else, ship public APIs quickly and with as little friction as possible. Let’s look at what it takes to get started with Solo.io vs. Zuplo.
Solo.io operates under a self-hosted model, where you license and run their software on your own infrastructure. To get started, you’ll need at least seven utilities on your local system to install Gloo Gateway on an existing Kubernetes cluster. If you don’t yet have a functioning cluster… get ready to add multiple days to your initial projection on when your API would go live on a public cloud as you deal with pricing calculators, unintuitive product decisions, and complex permissions management.
Once you’ve launched Gloo Gateway on your cluster, you’re still responsible for its performance and availability—the most important factors in a public API your consumers can rely on.
Self-hosting is a wonderful option, but it’s not right for API-first startups that need to move quickly and lack the in-house engineering required to set up complex infrastructure—for example, the security and storage required for proper API key management. Instead, we’re a fully managed platform for your entire lifecycle—every API you ship is deployed globally to 300+ edge data centers for incredibly fast performance with none of the architectural complexity. Go multi-cloud on Day 1 and scale to more than 1.5 billion API calls/month on our serverless architecture.
Writing Kubernetes manifests vs. perfecting your APIs#
Every API management platform makes an important—and deeply philosophical decision—about whether their API gateway is designed with operators or developers in mind.
Solo.io’s API gateway product is quite customizable, but only from an operator’s point of view. To enable a new API policy, like rate limiting, you apply new Kubernetes manifests to your existing API gateway using specifications defined by Envoy, one of Gloo Gateway’s many dependencies. Adding in a new API policy looks something like this:
kubectl apply -n gloo-system -f - <<EOF
apiVersion: gateway.solo.io/v1
kind: Gateway
metadata:
name: gateway-proxy
namespace: gloo-system
spec:
bindAddress: '::'
bindPort: 8080
httpGateway:
options:
httpLocalRatelimit:
defaultLimit:
maxTokens: 1
tokensPerFill: 1
fillInterval: 100s
enableXRatelimitHeaders: true
ssl: false
useProxyProto: false
EOFIf you’re an API developer, a head of a team that lacks operational Kubernetes experience, you have two choices with Solo.io’s approach to API management: 1) learn the ins and outs of Kubernetes to go it alone, or 2) ship new APIs while being constantly limited by the speed of your DevOps peers.
As a Solo.io competitor and alternative to Gloo Gateway, Zuplo turns your API gateway back toward developers with a fantastic day-to-day experience and native programmability. You can enable rate limiting per API, per user, or per API key in a few clicks and reconfigure the defaults in JSON. If you want to extend your rate limiting, Zuplo supports running functional business logic directly your API gateway with highly readable and developer-friendly TypeScript:
import { ZuploContext, ZuploRequest } from "@zuplo/runtime";
export function rateLimit(request: ZuploRequest, context: ZuploContext) {
const rateLimitOptions = {
key: request.user.sub,
timeWindowMinutes: 1,
};
// premium customers get 1000 requests per minute.
//Everyone else gets 5 requests per minute
if (user.data.customerType === "premium") {
rateLimitOptions.requestsAllowed = 1000;
return rateLimitOptions;
} else {
rateLimitOptions.requestsAllowed = 5;
return rateLimitOptions;
}
}Even better, Zuplo syncs all your policies, even custom modules, with your Git provider of choice for version control, quality control checks, and repeatability—and full-on GitOps workflows, if that’s your style.
The (lack of) developer portals#
Today, the success of public APIs hinges on how consumable they are. Companies like Stripe and Twilio have invested volumes of cash and engineering hours into delightful, intuitive documentation experiences to educate their API consumers, and have extraordinarily high new standards. You’re expected to compete, but how do you even get started?
Solo.io and the Gloo Gateway can’t help you. Their API management platform doesn’t come with any built-in method of deploying API documentation, leaving you to wade into the vast and complicated world of documentation platforms and OpenAPI generators, all of which you’ll need to carefully develop and manage over time.
Zuplo, on the other hand, is obsessed with the developer experience across your API lifecycle. Every time you deploy a new API gateway, and for each developer environment within them, Zuplo automatically generates a Stripe-quality portal with beautiful references and schemas (go ahead, give it a try!). There’s even built-in API key management to help your API consumers self-serve authentication and get onboarded quickly—essential for lowering your time-to-first-call (TTFC) as a competitive advantage.
Zuplo goes a step beyond simply educating your API consumers with documentation. Once authenticated, your consumers can instantly access analytics for how they use your API, like real-time call volume and status code mix, to help debug issues and optimize how their code accesses your backend.
Detailed API management platform comparison: Zuplo vs. Solo.io#
| Feature | Zuplo | Solo.io |
|---|---|---|
| Cost | - Free: for up to 100K requests/month - $25/month to add a custom domain - $500/month for up to 1M requests/month 99% SLA - Enterprise package for 99.9% SLA | “Tailored pricing options” are hidden behind a form, entering you into a sales cycle just to get a rough estimate of your monthly cost. Pay per cluster. |
| Deployment options | Fully managed and auto-scaled, with deployments to 300+ edge data centers for 50ms response times around the world. | Entirely self-hosted on your Kubernetes cluster(s), with all deployment and management tasks falling on you. Unclear differentiation between Gloo Gateway (v2) and Gloo Edge (v1) in terms of features. |
| Security | Secure tunneling connection based on WireGuard technology to secure backend connections on private or public clouds. | Entirely owned and managed by you. |
| Rate limiting | One-click support for per API, per user, or per API key rate limits, or dynamic customizations with TypeScript. | Yes, but only per API key. |
| GitOps support | Gateway configurations are stored in version control-friendly files, and Git integrations sync desired state with existing CI/CD pipelines. | Support for Argo Rollouts to bring progressive delivery features to your Kubernetes infrastructure. |
| Customization & programmability | TypeScript-based policy and business logic customizations that deploy and run natively on the API gateway. | YAML-based policy and traffic management using Kubernetes manifests. |
| Authentication | Support for API key and JWT management, and external identity providers. Includes unlimited keys, end-user self-service, rate limiting per API key, and open-source React integrations. | No support for API key authentication. Support for JWTs and all author authentication methods are Enterprise-only. |
| Developer environments | Unlimited environments for previews, testing, and production created in seconds by creating a new Git branch. | Deploy, manage, maintain, and pay for multiple environments. |
| OpenAPI support | Support for importing OpenAPI definition for API-first workflows. Additional policies support OpenAPI compliance with request/response inspection. | No native support for OpenAPI definitions—you must convert them to a proprietary format. |
| Stripe-like developer portal | Automatic builds and deployments using an OpenAPI definition, with built-in API key authentication, for beautiful documentation. | None. |
| Multi-cloud | Route to multiple backends with unified API policies for consistent authentication, logging, metrics, and more. | Supported, but if you pay for, deploy, and manage clusters in multiple environments. |
| High availability | Built-in and included in all tiers. | Support for building your own multi-proxy routing with Kubernetes health checks, Envoy Listeners, and an AWS Network Load Balancer (NLB). |
| Integrated Web Application Firewall (WAF) | Built-in for all edge deployments, in partnership with Akamai. | Only available on the paid Gloo Gateway. |
What’s next?#
We expect Solo.io’s Gloo platform for API management will continue to perform well among enterprises migrating to or extending their Kubernetes infrastructure, but only because these folks have the cash and capacity to handle the complexity. For startups or API-first teams, it falls short in helping establish a fast and iterative API lifecycle with extensive programmability and developer experience for themselves and their users.
As an alternative to Solo.io, Zuplo redefines the API lifecycle to help you ship consistent, secure, and resilient APIs using the tools you already love.
Secret know-how#
Founded by a product leader who also founded Azure API Management at Microsoft in 2013, but felt the product was stuck in the dark ages and decided to build an API management platform for developers. Curious how it all went down? We’d love it if you read Zuplo's story.
