nginx

Deploying Application Services in Kubernetes, Part 1 If we’ve observed just one change that has come with the growth of Kubernetes and cloud‑native architectures, it’s that DevOps teams and application owners are taking more direct control over how their applications are deployed, managed, and delivered. Modern applications benefit from an increasingly sophisticated set of supporting “application services” to ensure their successful operation in production. The separation between the application and its supporting services has become blurred, and DevOps engineers are discovering that they need to influence or own these services. Let’s look at a couple of specific examples: Canary and blue‑green deployments – DevOps teams are pushing applications into production, sometimes multiple times per day. They actively use the traffic‑steering capabilities of the load balancer or application delivery controller (ADC) to validate new application instances with small quantities of traffic before [ more… ]

Best Practices for Managing Internal APIs Some consumer‑facing APIs are so widespread they’ve become household names – think Google Maps and Stripe – but internal APIs are the real powerhouse of the API economy. Internal APIs – by which we mean APIs exposed only to clients and developers within an organization – are a key pillar for an enterprise’s digital transformation efforts. Building internal APIs is usually the first step in the development of digital products and services. In fact, according to IDC’s recent survey, APIs – The Determining Agents Between Success or Failure of Digital Business, supporting internal integration of applications and products is one of the top priorities for API development initiatives in enterprises. Why are internal APIs important? What are the benefits of internal APIs? And crucially, what’s the most optimal architecture to manage them? This blog addresses these questions to help [ more… ]

Why DNS Is Critical for Modern Application Deployments In a previous blog, I explained how application outages can impact customer confidence and bring your business to a standstill. In today’s marketplace, failing to adapt and deliver new services to the market quickly can be just as harmful. With the rise of DevOps and improvements to the tooling that supports continuous integration and continuous delivery (CI/CD), companies can improve their ability to deploy and ship code with excellent results. But in rolling out new updates, they still want to mitigate their risk of a bad deployment, minimizing the chance of downtime for their customers. This blog post explores different deployment strategies DevOps and NetOps teams can use to seamlessly and safely deploy updates to production, and explains how DNS can work with specific deployment models. Blue-Green Deployments Blue-green deployments are a [ more… ]

Setting Up App Security as-a-Service for NGINX in Under 5 Minutes with F5 Essential App Protect Modern applications require modern app security solutions. With the ever‑increasing pace of framework‑based app development, the growth of microservices topologies, and the ever‑changing security landscape, app security is becoming increasingly challenging for developer teams. This is where modern web application firewall (WAF) solutions step in. F5 Essential App Protect, launched earlier this year, and NGINX App Protect both provide WAF capabilities for NGINX and NGINX Plus by focusing on signature‑based app protection and are built with DevOps and CI/CD in mind. However, they are architected, configured, and deployed in different ways, and serve different purposes depending on your organization’s needs: NGINX App Protect runs on NGINX Plus and is deployed as a lightweight software package within your app infrastructure to provide advanced security protection for your [ more… ]

Achieving FIPS Compliance with NGINX Plus If you work in government or a regulated industry, you’ve no doubt heard of the Federal Information Processing Standards, perhaps better known by the acronym FIPS. FIPS is a very broad set of standards publications, but in the software industry the term usually refers to the publication specifically about cryptography, FIPS 140-2 Security Requirements for Cryptographic Modules. FIPS 140-2 is a product of the joint effort between the United States and Canada called the Cryptographic Module Validation Program. It standardizes the testing and certification of cryptographic modules that are accepted by the federal agencies of both countries for the protection of sensitive information. FIPS 140-2 defines four security levels (1–4) which correlate to the level of protection a FIPS‑certified module must provide. Security Level 1 relates specifically to software cryptographic modules. It stipulates which cryptographic [ more… ]