nginx

NGINX Plus and Microsoft Azure Load Balancers table.nginx-blog, table.nginx-blog th, table.nginx-blog td { border: 2px solid black; border-collapse: collapse; } table.nginx-blog { width: 100%; } table.nginx-blog th { background-color: #d3d3d3; align: left; padding-left: 5px; padding-right: 5px; padding-bottom: 2px; padding-top: 2px; line-height: 120%; } table.nginx-blog td { padding-left: 5px; padding-right: 5px; padding-bottom: 2px; padding-top: 5px; line-height: 120%; } table.nginx-blog td.center { text-align: center; padding-bottom: 2px; padding-top: 5px; line-height: 120%; } [Editor – This post has been updated to reflect the features supported by NGINX Plus and Azure load balancing services as of June 2021. It also refers to the NGINX Plus API, which replaces and deprecates the separate dynamic configuration module mentioned in the original version of the post.] Customers using Microsoft Azure have three options for load balancing: NGINX Plus, the Azure load balancing services, or NGINX Plus in conjunction with the Azure load balancing [ more… ]

Supporting Pride Month Through Action At NGINX, we have always taken pride in our LGBTQ+ employees, and since joining F5, we’ve strengthened that commitment to the community even further. Our main offices in San Francisco, CA, and Cork, Ireland, have always reflected the attitude of both cities towards the LGBTQ+ community and the issues faced by its members. In San Francisco, arguably one of the most gay‑friendly and diverse cities in the world, mentioning a same‑sex partner or being transgender doesn’t raise an eyebrow. In Cork, although a small city on the Atlantic fringes of Europe, the city’s positive attitude towards LGBTQ+ issues harks back to the time when the grassroots Cork Gay Collective started campaigning alongside sister organizations across Ireland for gay rights (as they were then called) in the 1970s. As a result of our queer‑friendly heritage at NGINX, [ more… ]

Updating NGINX for a DNS Resolver Vulnerability (CVE-2021-23017) Today we are releasing updates to NGINX Open Source, NGINX Plus, and NGINX Ingress Controller in response to a recently discovered low‑severity vulnerability in the NGINX implementation of DNS resolution. For full details and mitigation instructions, see the F5 Security Advisory about CVE-2021-23017.<!– is documented in CVE-2021-23017 –> The patch for this vulnerability is included in the following NGINX versions: NGINX Open Source 1.20.1 (stable) NGINX Open Source 1.21.0 (mainline) NGINX Plus R23 P1 NGINX Plus R24 P1 NGINX Ingress Controller 1.11.2 NGINX Ingress Controller 1.11.3 We recommend that you upgrade NGINX Open Source, NGINX Plus, and NGINX Ingress Controller to the latest versions. For NGINX Plus upgrade instructions, see Upgrading NGINX Plus in the NGINX Plus Admin Guide. NGINX Plus customers can contact our support team for assistance at https://my.f5.com/. This vulnerability was discovered and responsibly disclosed to [ more… ]

How to Use NGINX Service Mesh for Secure Access Control By default all services in a Kubernetes environment can talk to one another. This might be acceptable if your apps don’t deal with sensitive information, but if the APIs published by your services expose personal information like passwords and credit card numbers, access by bad actors can quickly lead to embarrassing and expensive data breaches. To protect sensitive information, you can use NGINX Service Mesh to set up a zero‑trust environment with fine‑grained control over which services are authorized to communicate. NGINX Service Mesh takes advantage of resources that the Service Mesh Interface (SMI) spec defines for implementing authorization, which it calls traffic access control. Building on these resources, it takes just a few minutes to define a traffic‑access policy in NGINX Service Mesh. In this demo, we walk through [ more… ]