No Image

Virtual Patching with the NGINX JavaScript Module

2018-11-20 KENNETH 0

Virtual Patching with the NGINX JavaScript Module table, th, tr, td { border: 0; padding: 0px !important; margin: 0px !important; } Virtual patching refers to fixing a problem with application code by making a change to related infrastructure rather than the code itself. In the security realm, it’s common to use ModSecurity to virtually patch a vulnerability, for example. But virtual patching can be applied to other types of bugs as well, such as the bugs in backend applications we often encounter in production environments. For various reasons it can be challenging to fix these bugs directly (for example, if the original developer has left the company) and virtual patching is a practical alternative. An NGINX Plus customer recently experienced an unusual issue: a client‑side app was making GET and POST requests in lowercase (as get and post). The backend application [ more… ]

Announcing NGINX Ingress Controller for Kubernetes Release 1.4.0

2018-11-16 KENNETH 0

Announcing NGINX Ingress Controller for Kubernetes Release 1.4.0 We are pleased to announce release 1.4.0 of the NGINX Ingress Controller for Kubernetes. This represents a milestone in the development of our supported solution for Ingress load balancing on Kubernetes platforms, including Amazon Elastic Container Service for Kubernetes (EKS), Diamanti, Google Kubernetes Engine (GKE), IBM Cloud Private, Microsoft Azure Container Service (AKS), Red Hat OpenShift, and others. Release 1.4.0 includes: Support for TCP and UDP load balancing – Enables efficiencies by using the same Ingress routing tier for all protocols, not just HTTP Extended Prometheus support – Introduces support for stub_status metrics with NGINX Open Source, and extended TCP and UDP metrics with NGINX Plus Easy development of custom Annotations – Makes it simpler to configure more NGINX load‑balancing features for your applications Support for a “power of two choices” load‑balancing algorithm – Enables the new Random with [ more… ]

NGINX and the “Power of Two Choices” Load-Balancing Algorithm

2018-11-13 KENNETH 0

NGINX and the “Power of Two Choices” Load-Balancing Algorithm New use cases sometimes require new load‑balancing algorithms, and in NGINX Plus R16 and open source NGINX 1.15.1 we added a new method that is particularly suitable for distributed load balancers: an implementation of the “power of two choices” algorithm. Why Do We Need a New Load‑Balancing Algorithm? Classic load‑balancing methods such as Least Connections work very well when you operate a single active load balancer which maintains a complete view of the state of the load‑balanced nodes. The “power of two choices” approach is not as effective on a single load balancer, but it deftly avoids the bad‑case “herd behavior” that can occur when you scale out to a number of independent load balancers. This scenario is not just observed when you scale out in high‑performance environments; it’s also observed in containerized [ more… ]

Architecting Robust Enterprise Application Network Services with NGINX and Diamanti

2018-11-09 KENNETH 0

Architecting Robust Enterprise Application Network Services with NGINX and Diamanti If you’re actively involved in architecting enterprise applications to run in production Kubernetes environments, or in deploying and managing the underlying container infrastructure, you know firsthand how containers use IT resources quite differently from non‑containerized applications, and how important it is to have an application‑aware network that can adapt at the fast pace of change typical of containerized applications. In this blog, we look at how the synergy between bare‑metal container infrastructure and an application‑centric load‑balancing architecture enables enterprises to deploy network services that are tailored to the needs of their containerized applications. Recently, Diamanti – a leading provider of bare‑metal container infrastructure – announced its technology partnership with NGINX, developer of the eponymous open source load balancer. Below, we’ll offer up a look at a few common use cases for modern [ more… ]

No Image

An Open Memo to IBM: With Great Power Comes Great Responsibility

2018-11-06 KENNETH 0

An Open Memo to IBM: With Great Power Comes Great Responsibility IBM’s recent acquisition of Red Hat came as a shock to many in the industry. It does have some overarching positives. It validates the mainstream acceptance of open source by enterprises. It proves hybrid cloud is as critical as public cloud to these enterprises, if not more so. And it lends credibility to a fourth public cloud provider, ensuring enterprises have more choice and a way to stitch applications across a multi‑cloud infrastructure stack. I’ve seen a lot of people venting on social media and, to be honest, I get it. Acquiring Red Hat comes with a tremendous amount of responsibility. But it’s also a brilliant move by IBM. I’ll elaborate on that in a bit, as well as why I think it’s a net‑positive for NGINX, but first I need [ more… ]