Higress has officially passed the CNCF Technical Oversight Committee vote and joined the Cloud Native Computing Foundation as a Sandbox project. The AI-native, high-performance API gateway provides a unified solution for traffic management across both traditional cloud-native workloads and emerging AI inference workloads, positioning it as a critical component in the evolving infrastructure landscape.
Unified Gateway Architecture
Higress is built upon the proven foundation of Envoy and Istio, conceptually unifying traffic gateway functionality, microservices gateway capabilities, and AI gateway features into a single coherent control plane. This consolidation significantly reduces operational complexity for platform teams managing heterogeneous workloads spanning from legacy REST APIs to modern LLM-powered applications.
Born from Alibaba’s massive-scale production environments that handle billions of requests daily, Higress delivers enterprise-grade stability with WebAssembly (Wasm) extensibility for custom logic. Its core capabilities center on two foundational pillars: a mature Kubernetes Ingress Controller supporting both the Gateway API standard and the Inference Extension specification, and native AI traffic management specifically optimized for large language model inference workloads.
Migration Path from Nginx Ingress
With the Nginx Ingress Controller scheduled for retirement in 2026, Higress positions itself as a secure, largely drop-in replacement. The project maintains full compatibility with mainstream Nginx Ingress annotations while replacing the vulnerable configuration-injection model with a robust xDS control plane and WebAssembly sandbox, effectively eliminating the security risks inherent to legacy architectures.
Organizations can maintain their existing Ingress configurations during migration or progressively transition fully to the Gateway API, receiving unified, highly scalable traffic governance either way. This flexibility acknowledges the reality of enterprise infrastructure migrations, where complete rewrites are often impractical.
AI-Native Gateway Capabilities
Higress treats AI traffic as a first-class citizen, providing native support for Large Language Model invocations, Model Context Protocol (MCP) interactions, and diverse AI inference scenarios. Key capabilities include sophisticated token-based rate limiting, intelligent multi-model fallback mechanisms, Retrieval-Augmented Generation integration for context enrichment, model-aware routing based on load and cost, and intelligent load balancing across inference clusters.
This comprehensive feature set positions Higress as a definitive entry point for AI Agent traffic and LLM workloads, standardizing how cloud-native applications consume AI services across organizational boundaries.
Production Adoption and Future Roadmap
Higress already operates in demanding production environments across major enterprises including Alibaba Group, Ant Group, DJI, Ctrip, and Kuaishou. These organizations leverage Higress for both traditional cloud-native traffic routing and direct AI gateway deployment, validating the approach across diverse use cases.
The project roadmap emphasizes long-term Ingress compatibility for migration continuity, full Gateway API and Inference Extension standardization, and comprehensive Nginx Ingress migration tooling. AI capability expansion plans include deeper MCP support, autonomous traffic governance through the “Higress Agent” concept, and enhanced security frameworks for AI skill providers.
Community and Ecosystem
The Higress community has grown significantly since the project’s open-sourcing, with contributors from multiple organizations enhancing documentation, building integrations, and improving stability. The CNCF Sandbox status provides a neutral governance home that encourages broader adoption and contribution from organizations that prefer foundation-hosted projects.
The project maintains active communication channels including community meetings, Slack channels for real-time support, and comprehensive documentation for both operators and developers. This community-driven approach ensures that Higress evolves based on actual production needs rather than vendor-specific requirements.