中文在这篇文章中,我们以 WAF 为例,为您提供了“在 Kubernetes 环境中可以在哪些地方部署应用服务”的相关指导。您可以根据自己的需求,以基于每个 Service 或基于每个 POD 的方式,将 WAF 部署在 Kubernetes 环境的“前门” 或 Ingress Controller上。
Owen Garrett
Job title : 产品管理高级总监
Company : F5
Owen is a senior member of the NGINX Product Management team, covering open source and commercial NGINX products. He holds a particular responsibility for microservices and Kubernetes‑centric solutions. He’s constantly amazed by the ingenuity of NGINX users and still learns of new ways to use NGINX with every discussion.
Sort by
处理 ModSecurity 中的 DoS 漏洞(CVE-2020-15598)
On 14 September 2020 we released an update to the NGINX Plus ModSecurity module (for NGINX Plus R20, R21, and R22) in response to CVE-2020-15598. We encourage NGINX Plus subscribers to upgrade to the patched module.
在 Kubernetes 中部署应用交付服务(第 1 部分)
这篇文章解释了为什么因分治而重复使用的应用服务反而可以提高整体效率:因为 NetOps 和 DevOps 团队有不同的要求,所以他们会选择最适合他们特定需求的工具。
在 AWS 上选择合适的负载均衡器:AWS Application Load Balancer 与 NGINX Plus 对比
We compare AWS Application Load Balancer (ALB) with NGINX Open Source and NGINX Plus as a Layer 7 reverse proxy and load balancer. ALB has more features than at its debut in 2016, but we conclude that NGINX and NGINX Plus still provide more functionality and much more predictable pricing.
隆重推出用于 Kubernetes 的 NGINX Ingress Controller 1.6.0 版本
Release 1.6.0 of the NGINX Ingress Controller for Kubernetes includes improvements to NGINX Ingress Resources, support for OpenTracing, and much more.
借助 NGINX 处理 PHP-FPM 漏洞(CVE-2019-11043)
We provide guidance on using NGINX to mitigate the recently discovered vulnerability in PHP-FPM (CVE-2019-11043). The vulnerability is triggered when the PATH_INFO variable passed to PHP-FPM with an invalid value, which can happen in a common NGINX configuration.
借助 NS1 和 NGINX Plus 实现全局服务器负载均衡
The NGINX agent for NS1 provides rich load and availability data to the NS1 global server load balancing service, for more agile and sophisticated DNS-based load balancing for sites and apps proxied by NGINX Plus at multiple locations. Our deployment guide provides complete instructions.
隆重推出用于 Kubernetes 的 NGINX Ingress Controller 1.5.0 版本
Release 1.5.0 of the NGINX Ingress Controller for Kubernetes introduces a new configuration schema, extended Prometheus-based metrics, simplifications to TLS configuration, support for load balancing traffic to ExternalName services, and a new repository for Helm charts.
借助 NGINX 基于条件的日志记录对请求进行采样
With NGINX conditional logging, you can log a subset of requests which have defined characteristics. This blog uses it to solve a real-world customer use case: the need to reject obsolete and insecure SSL/TLS ciphers without excluding legitimate users of legacy devices.
使用 HashiCorp Vault 保护 NGINX 中的 SSL 私钥
保护 SSL 私钥系列的第二篇介绍了如何设置 HashiCorp Vault 来存储保护 SSL 密钥,以及如何配置 NGINX 来检索密码。我们还讨论了使用硬件安全模块来实现更高的安全性。
