Evolution of the Tianyi Account Gateway System: From Zuul 1.0 to Kong‑based 3.0

1. Introduction

Recently I have been studying gateway articles and this piece shares the evolution of the Tianyi Account gateway architecture, aiming to provide insights for readers.

2. Tianyi Account Gateway Evolution

2.1 1.0 Version (2017)

The initial gateway was built on the open‑source Zuul component from Spring Cloud, combined with Eureka, Ribbon, Hystrix, etc., providing authentication, dynamic routing, data transformation, and circuit breaking via core filters.

By 2018 the system faced performance bottlenecks (≈1000 QPS per instance) and limited flexibility, prompting the need for architectural upgrades.

2.2 2.0 Version

After evaluating Kong, OpenResty, Nginx, and Zuul, the team chose to extend Kong with custom plugins. The upgraded architecture introduced plugin‑based extensibility, horizontal scaling, high availability, and dynamic routing.

Key features added:

AppKey authentication, SSL/TLS, IP/APP black‑/white‑lists

Financial‑grade encryption/signature algorithms (SM2/SM3/SM4)

Asynchronous logging via Redis/Kafka, tracing with Zipkin and Prometheus

Fine‑grained rate‑limit and circuit‑break strategies

Performance tests showed the 2.0 gateway reaching 12‑13 k QPS under load.

2.3 3.0 Version

To meet the demands of password‑less authentication and higher SLA requirements, the team designed a 3.0 architecture based on Kong 2.4.0 (OpenResty 1.19.3.1, Nginx 1.19.3) with CP/DP mixed deployment.

Improvements include:

Feature decoupling and stable open‑source community

Operational stability with CP fallback

Support for multi‑language plugins (Go, JavaScript, Lua)

UDP proxy support

Precise gateway grouping by domain, business characteristics, and traffic volume reduces impact during traffic spikes and enables targeted scaling.

Additional CP upgrades introduced Consul for service discovery, a DP cache‑control plugin, and a traffic‑replication plugin for safe testing.

Benchmark results demonstrated single‑node QPS exceeding 20 k, an 80% performance gain over 2.0, and SLA of 99.96% during peak traffic.

3. Conclusion

The gateway has evolved from a basic Zuul implementation to a highly scalable, cloud‑native Kong‑based platform, achieving 20‑fold performance improvement, unified traffic entry, high availability with DNS‑based failover, and a rich set of reusable plugins supporting multiple languages and UDP proxying.