We are thrilled to announce that Higress has officially passed the Technical Oversight Committee (TOC) vote to join the Cloud Native Computing Foundation (CNCF) as a Sandbox project, becoming a proud member of the CNCF ecosystem.
What is Higress?
Higress is an AI-native, high-performance API gateway built on Envoy and Istio. It conceptually unifies the traffic gateway, microservices gateway, and AI gateway into a single control plane, drastically reducing operational complexity for both cloud-native and AI workloads.
Born out of Alibaba’s massive-scale internal production environments, Higress brings enterprise-grade stability and WebAssembly (Wasm) extensibility to the CNCF ecosystem. Today, its core capabilities are built upon two main pillars:
- Ingress controller and gateway capabilities: Higress serves as a highly mature Kubernetes Ingress Controller, offering full support for the Gateway API and its Inference Extension. With Nginx Ingress scheduled for retirement in 2026[1], Higress provides a secure, drop-in replacement for Nginx Ingress. It remains fully compatible with mainstream Nginx Ingress annotations while replacing the vulnerable configuration-injection model with a robust xDS control plane and Wasm sandbox, effectively eliminating the security risks inherent to legacy architectures. Whether organizations choose to maintain existing Ingress setups or migrate fully to the Gateway API, Higress delivers unified, highly scalable traffic governance.
- AI-native gateway capabilities: Higress treats AI traffic as a first-class citizen. It provides native support for Large Language Model (LLM) invocations, the Model Context Protocol (MCP), and diverse AI inference scenarios. By offering token-based rate limiting, multi-model fallback, Retrieval-Augmented Generation (RAG) integration, model-aware routing, and intelligent load balancing, Higress standardizes how cloud-native applications consume LLMs. This positions Higress as the definitive entry point for AI Agents and LLM traffic.
Customer adoption
Higress has already proven its production-ready reliability across a wide range of highly demanding environments. Current enterprise adopters include Alibaba Group, Ant Group, BOSS Zhipin, Cathay Insurance, Ctrip, DJI, Kuaishou, Sealos, and Vipshop. These organizations span major industries such as internet services, finance, travel, hardware, and entertainment. They leverage Higress not only for its robust cloud-native traffic routing but also for deploying AI gateway features directly to enterprise AI Agent applications and MCP services. Furthermore, a growing ecosystem of innovative AI open-source projects, including HiMarket and HiClaw, are already being built on top of Higress.
Why CNCF?
Higress’s entry into the CNCF marks a pivotal milestone in its evolutionary journey, driven by three core objectives:
- Deep ecosystem alignment: The CNCF is home to foundational open-source projects like Kubernetes and Envoy. Built on Envoy and Istio, Higress shares a technical heritage that is inherently native to this environment. Joining the CNCF allows Higress to collaborate intimately with these top-tier projects, co-create technical standards, and solidify its leading role in modern cloud-native architectures.
- Neutral, community-driven growth: The long-term vitality of any open-source project relies on a diverse, active contributor base. By leveraging the CNCF’s neutral governance framework, Higress can attract developers, users, and enterprise contributors from across the globe, free from single-vendor influence. This open model will accelerate innovation and ensure the project remains agile in meeting world wide user needs.
- Standardizing AI infrastructure: As AI applications explode in popularity, the market desperately needs infrastructure explicitly optimized for AI workloads. With its advanced capabilities in unified multi-model management and AI Agent integration, Higress is well-positioned to drive the establishment of universal AI gateway standards within the CNCF platform.
Roadmap: Long-term compatibility and ecosystem evolution
Looking ahead, the project will focus its development on two primary tracks:
- Long-term Ingress compatibility, full Gateway API and Inference Extension support, and comprehensive Nginx Ingress migration solutions:
- Maintain deep compatibility with standard Ingress and Nginx Ingress annotations while supporting a dual-stack coexistence with the Gateway API.
- Strengthen the delivery of Gateway API and Inference Extension capabilities, providing sustainable open-source infrastructure for cloud-native networking and AI applications.
- Deliver comprehensive Nginx Ingress migration paths, ensuring users experience a smooth transition whether they adopt the Gateway API or stick with traditional Ingress.
- Continuous AI capability expansion:
- Deepen support for Model Context Protocol (MCP) to make Higress the standard entry point for AI agents and LLM traffic;
- Introduce “Higress Agent” for autonomous, intelligent traffic governance.
- Enhance support for real-time communication protocols critical to AI streaming scenarios.
- Build robust security management and progressive disclosure frameworks for AI skills.
- Continue advancing core AI-native traffic features, including token-based rate limiting, multi-model fallback, and intelligent load balancing.
Sandbox is just the beginning
Joining the CNCF Sandbox is a starting point, not a finish line. The Higress community remains deeply committed to continuous investment in transparent governance, high-quality documentation, and global community growth.
We thank the CNCF Technical Oversight Committee, the broader cloud-native community, and every contributor and adopter who has supported Higress. We look forward to building a more secure, scalable, and AI-friendly infrastructure alongside the CNCF ecosystem.
Learn more: higress.ai |GitHub |Documentation
[1] https://kubernetes.io/blog/2026/01/29/ingress-nginx-statement/