分类: 博客文章

NGINX Plus R24 introduces support for encrypted JSON Web Tokens (JWE) and integration with F5 Device ID+. The NGINX JavaScript module reaches an important milestone with support for response filtering and use of HTTP-based authentication services for TCP/UDP connections.

NGINX JavaScript 是面向 NGINX 和 NGINX Plus 扩展功能的一种独特的 JavaScript 实现。我们不断地为其添加新功能，并发布使用这些功能的用例。这篇文章包含了完整的用例列表。

较之单体架构的应用，微服务之间的东西向通信需要在网络上传输更多的数据。使用双向 TLS (mTLS) 加密并验证这些通信内容十分重要。这篇文章中，我们深入阐述了 NGINX Service Mesh 是如何实施 mTLS 的。

Our goal at NGINX has always been to provide the foundation our customers and community need to deliver modern apps. Based on Abraham Maslow's famous hierarchy of needs for humans, here we show how NGINX offerings satisfy an app's hierarchy of needs at multiple levels.

NGINX Ingress Controller 现可以代码片段方式增强 TCP/UDP 负载均衡能力，并提供健康检查和多种 TransportServer 资源。1.11.0 版本还引入了 WAF 策略，从而可以更轻松地配置 NGINX App Protect，另外它还提供了对 Istio 的兼容性以及其它更多功能。

通过本文中讨论的流量控制和流量精分（速率限制、断路、调试路由、A/B 测试、灰度部署和蓝绿色部署）来提高 Kubernetes 应用的弹性，并学习 NGINX 的产品如何使流量控制和流量精分更容易实现。

F5 Agility 2021 takes the virtual stage on April 20–22 this year, and the NGINX team will be there in full force. Don't miss our sessions and demos on production-grade Kubernetes, real-time API management, and synergies between F5 and NGINX products.

NGINX App Protect 以“安全防护即代码”为核心，而这正是 API 防护的关键。借助 NGINX App Protect，您可以将无中断安全控制集成到您的自动化及 CI/CD 流程中，以确保安全防护从应用开发伊始就已然内置其中，而不是最后再打补丁。

The more ways you leverage the power of NGINX, the more of challenge it can be to track and manage the NGINX Open Source and NGINX Plus instances across your infrastructure. Introducing NGINX Instance Manager, one tool for tracking, configuring, and monitoring NGINX at scale.

Strategies for shifting security left usually ignore WAF and other traditional tools for enforcing run‑time security policies. A complete modern solution needs to include WAF, but one that fits into your CI/CD pipelines and helps smooth friction between Security and DevOps.