Technical Case Study of Migrating Soul's Multi‑Layer Ingress Architecture to Alibaba Cloud Native Gateway (MSE)

Company Soul, a virtual social network founded in 2016, faces performance and reliability challenges due to a long multi‑layer gateway chain consisting of Ingress‑Nginx, micro‑service gateway, SLB, and Tengine.

The main issues include unstable Ingress‑Nginx, gRPC load‑balancing limitations, ingress stability, release jitter, and high latency.

After evaluating Envoy, Alibaba Cloud Native Gateway (MSE) and ALB, the team performed performance tests showing MSE’s superior latency and success rate, especially for gRPC forwarding.

A short‑term plan replaces Ingress‑Nginx and merges entry gateways, while the long‑term “final state” reduces the chain to SLB → MSE → POD/ECS, deprecating micro‑service gateway and Tengine.

Post‑migration results show response time dropping from 500 ms peaks to 50 ms, error‑code 502 dropping to zero, and improved warm‑up behavior for Java services.

Future work includes consolidating traffic, security, and micro‑service gateways, enabling HTTP 3.0, adopting service autonomy, and applying chaos engineering.

Key lessons learned cover service‑weight vs canary‑weight annotations, X‑Real‑IP handling differences, NAT vs FullNAT mode for SLB, and rewrite‑target behavior differences between Nginx‑Ingress and Envoy.