Zuplo vs Solo API Gateway

What are the key differences?#

We love that Solo.io's Gloo platform is built heavily on open source technology, like Envoy and Istio, and that they don't restrict your API gateway deployments to certain cloud providers or lock you into a single region. They've done great work for operators, working within enterprises, who need to scale and govern their cloud native workloads.

Zuplo, on the other hand, is built for developers and engineers who need to ship APIs fast on a hassle-free API gateway… without sacrificing their API-first culture or their familiar tools and proven workflows.

This foundational differences between Zuplo vs. Solo.io and its Gloo platform become clear in a few ways:

• Self-hosted vs. fully managed
• Managing Kubernetes manifests vs. shipping and perfecting APIs
• The (lack of) developer portals

Self-hosted vs. fully managed#

You're here because you need a platform that helps you, above all else, ship public APIs quickly and with as little friction as possible. Let's look at what it takes to get started with Solo.io vs. Zuplo.

Solo.io operates under a self-hosted model, where you license and run their software on your own infrastructure. To get started, you'll need at least seven utilities on your local system to install Gloo Gateway on an existing Kubernetes cluster. If you don't yet have a functioning cluster… get ready to add multiple days to your initial projection on when your API would go live on a public cloud as you deal with pricing calculators, unintuitive product decisions, and complex permissions management.

Once you've launched Gloo Gateway on your cluster, you're still responsible for its performance and availability—the most important factors in a public API your consumers can rely on.

Self-hosting is a wonderful option, but it's not right for API-first startups that need to move quickly and lack the in-house engineering required to set up complex infrastructure—for example, the security and storage required for proper API key management. Instead, we're a fully managed platform for your entire lifecycle—every API you ship is deployed globally to 300+ edge data centers for incredibly fast performance with none of the architectural complexity. Go multi-cloud on Day 1 and scale to more than 1.5 billion API calls/month on our serverless architecture.

Writing Kubernetes manifests vs. perfecting your APIs#

Every API management platform makes an important—and deeply philosophical decision—about whether their API gateway is designed with operators or developers in mind.

Solo.io's API gateway product is quite customizable, but only from an operator's point of view. To enable a new API policy, like rate limiting, you apply new Kubernetes manifests to your existing API gateway using specifications defined by Envoy, one of Gloo Gateway's many dependencies. Adding in a new API policy looks something like this:

kubectl apply -n gloo-system -f - <<EOF
	apiVersion: gateway.solo.io/v1
	kind: Gateway
	metadata:
	  name: gateway-proxy
	  namespace: gloo-system
	spec:
	  bindAddress: '::'
	  bindPort: 8080
	  httpGateway:
	    options:
	      httpLocalRatelimit:
	        defaultLimit:
	          maxTokens: 1
	          tokensPerFill: 1
	          fillInterval: 100s
	    	  enableXRatelimitHeaders: true
	  ssl: false
	  useProxyProto: false
EOF

If you're an API developer, a head of a team that lacks operational Kubernetes experience, you have two choices with Solo.io's approach to API management: 1) learn the ins and outs of Kubernetes to go it alone, or 2) ship new APIs while being constantly limited by the speed of your DevOps peers.

As a Solo.io competitor and alternative to Gloo Gateway, Zuplo turns your API gateway back toward developers with a fantastic day-to-day experience and native programmability. You can enable rate limiting per API, per user, or per API key in a few clicks and reconfigure the defaults in JSON. If you want to extend your rate limiting, Zuplo supports running functional business logic directly your API gateway with highly readable and developer-friendly TypeScript:

import { ZuploContext, ZuploRequest } from "@zuplo/runtime";

export function rateLimit(request: ZuploRequest, context: ZuploContext) {
  const rateLimitOptions = {
    key: request.user.sub,
    timeWindowMinutes: 1,
  };

  // premium customers get 1000 requests per minute.
  //Everyone else gets 5 requests per minute
  if (user.data.customerType === "premium") {
    rateLimitOptions.requestsAllowed = 1000;
    return rateLimitOptions;
  } else {
    rateLimitOptions.requestsAllowed = 5;
    return rateLimitOptions;
  }
}

Even better, Zuplo syncs all your policies, even custom modules, with your Git provider of choice for version control, quality control checks, and repeatability—and full-on GitOps workflows, if that's your style.

The (lack of) developer portals#

Today, the success of public APIs hinges on how consumable they are. Companies like Stripe and Twilio have invested volumes of cash and engineering hours into delightful, intuitive documentation experiences to educate their API consumers, and have extraordinarily high new standards. You're expected to compete, but how do you even get started?

Solo.io and the Gloo Gateway can't help you. Their API management platform doesn't come with any built-in method of deploying API documentation, leaving you to wade into the vast and complicated world of documentation platforms and OpenAPI generators, all of which you'll need to carefully develop and manage over time.

Zuplo, on the other hand, is obsessed with the developer experience across your API lifecycle. Every time you deploy a new API gateway, and for each developer environment within them, Zuplo automatically generates a Stripe-quality portal with beautiful references and schemas (go ahead, give it a try!). There's even built-in API key management to help your API consumers self-serve authentication and get onboarded quickly—essential for lowering your time-to-first-call (TTFC) as a competitive advantage.

Zuplo goes a step beyond simply educating your API consumers with documentation. Once authenticated, your consumers can instantly access analytics for how they use your API, like real-time call volume and status code mix, to help debug issues and optimize how their code accesses your backend.

What's next?#

We expect Solo.io's Gloo platform for API management will continue to perform well among enterprises migrating to or extending their Kubernetes infrastructure, but only because these folks have the cash and capacity to handle the complexity. For startups or API-first teams, it falls short in helping establish a fast and iterative API lifecycle with extensive programmability and developer experience for themselves and their users.

As an alternative to Solo.io, Zuplo redefines the API lifecycle to help you ship consistent, secure, and resilient APIs using the tools you already love.

Secret know-how#

Founded by a product leader who also founded Azure API Management at Microsoft in 2013, but felt the product was stuck in the dark ages and decided to build an API management platform for developers. Curious how it all went down? We'd love it if you read Zuplo's story.