How Kujiale Guarantees Stable Open APIs with Automated Governance and Traffic Control

Introduction

Kujiale provides an open API capability to connect customer systems with the Kujiale platform, divided into an Open API platform side (offering basic capabilities) and a business side (offering underlying business interfaces). Business side changes are frequent and uncontrolled, leading to issues that directly affect customer systems and are hard to troubleshoot.

For example, a business API may return an extra field that the platform does not intercept, causing the customer system to fail parsing and potentially crash.

Another case is a sudden traffic surge during a customer’s stress test, which can crash the entire service and impact other customers.

Therefore, the Open API platform must manage the underlying business APIs and provide higher stability guarantees.

Goals

Ensure the API documentation matches the actual interface behavior, with consistent request and response fields.

Detect API anomalies immediately and notify the responsible developers.

Control traffic spikes from customer systems.

Specific Measures

Measures are divided into pre‑control and post‑monitoring.

Pre‑control

Process control and automated checkpoints.

Process control: API release and changes must pass a complete review workflow across internal, beta, and production environments, involving business developers, business testers, and the API platform for approval. API documentation is also standardized, covering format, required input types, guaranteed output types, and accurate error codes.

Automation coverage: Business owners are responsible for their APIs, and the platform organizes full automation coverage with a unified platform for observing results.

Define API development and testing owners; testing owners must automate the external API, not just the underlying business API.

Each release must pass the automation checkpoint.

Post‑monitoring

Gateway field mapping, online traffic inspection, and abnormal traffic throttling.

Gateway field mapping: After a customer integrates Kujiale APIs, any change in returned fields can cause failures. The gateway stores a mapping configuration that determines which fields are exposed, allowing internal changes without affecting external contracts.

Online traffic inspection: Sampling rules are applied to reduce cost:

httpcode != 200 → 20% sampling.

httpcode = 200 & response.c != 0 → 20% sampling.

httpcode = 200 & response.c = 0 → 5% sampling.

Each API also has an hourly sampling limit to avoid over‑sampling high‑traffic APIs. Alerts are triggered for the first abnormal scenario, for business error codes, for mismatched field structures, and for encoding issues.

Active inspection: The platform periodically calls APIs using stored keys and checks the HTTP status to verify the health of underlying services.

Abnormal traffic throttling: Implemented via

sentinel-api-gateway-adapter-common

, supporting custom throttling rules based on API type (openapi, oauth, sdk, platform), single API, and merchant/application dimensions. Rule types include generic and specific conditions, allowing configurations such as maximum QPS per API, per interface, or per merchant application.

Current Results

Kujiale now has over 900 open APIs under governance, with more than 90% automated coverage and field‑mapping enabled. Over 10,000 throttling rules are configured, traffic inspection runs stably, and about 200 alerts have been sent covering 48 APIs, greatly improving developers’ sensitivity to online issues and minimizing customer impact.

Recommended Reading

MTSC专题系列——酷家乐线上稳定性保障体系实践

前端性能保障体系

UE材质效果回归平台

Spock 接口自动化实践

利用流量分析提升接口测试质量