We can do better.
That is a guiding principle here at NGINX and is core to how we developed the next generation of NGINX Controller, our centralized orchestration and analytics platform.
It’s not that previous versions of Controller were bad. Far from it! Controller is a huge success with customers. It simplifies the deployment, configuration, and monitoring of NGINX Plus instances that act as a web server, proxy, load balancer, API gateway, or combination thereof.
But when I talk with some of our most advanced customers, I hear the same challenges over and over again. Despite tools like Controller, deploying modern applications is hard. There are skills gaps. Automation hiccups. Cloud outages. Tool sprawl. As if writing code weren’t difficult enough, it’s increasingly hard to get code from the heads and hands of developers into production. Applications are core to digital business, but for many organizations it feels like the chasm between developing and deploying applications is widening, not narrowing.
And that’s why we need to do better.
NGINX Plus excels at making both traditional and modern apps fast, scalable, and secure. With NGINX Controller 1.0 and 2.0, we helped manage your fleet of NGINX Plus instances at a scale – but still in an infrastructure‑centric way. The user experience was centered around the underlying NGINX Plus instances, not the atomic unit of value our customers care most about: the app.
That changes with the introduction of NGINX Controller 3.0, which is generally available today.
Release 3.0 is not just an incremental release. It’s a significant platform upgrade. It retains all of the value and lessons learned from the first two major releases and adds a new, application‑centric experience based on the work F5 was developing prior to the NGINX acquisition. Controller 3.0 is a major milestone for the NGINX product group here at F5, and a significant demonstration of why NGINX and F5 are better together. Let’s explore why.
The Value of an Application‑Centric Approach
It may seem I’m downplaying previous Controller releases, but the reality is that an infrastructure‑centric approach is common to all solutions in the industry. Most app services are rooted in hardware and software platforms that are designed to be “bumps on the wire” sitting in front of your apps. This approach doesn’t work as app design shifts away from monolithic, three‑tier app architectures to distributed, microservices‑based architectures. App architectures have evolved to include containers, Kubernetes, RESTful APIs, and more. Bump-on-the-wire app and API delivery solutions have tried to accommodate these distributed architectures by repackaging their existing infrastructure‑centric approach. Some seek to go further by integrating virtual appliances with the underlying virtual machine (VM) or platform-as-a-service (PaaS) solutions. But the resulting products are too slow, too complex, or too difficult for Dev and DevOps teams to use.
That’s where F5 and NGINX enter the picture. Prior to the acquisition of NGINX, F5 was working on a fundamentally different application delivery controller (ADC). Immediately after the close of the acquisition in May 2019, we merged the team working on this project with the NGINX Controller development team. Today, we’re releasing a converged platform as NGINX Controller 3.0. It incorporates the best of NGINX Controller 1.0 and 2.0 and adds the app‑centric user experience pioneered by F5.
We believe Controller 3.0 is the industry’s first app‑centric approach to managing and delivering apps and APIs. But what does app‑centric really mean?
Setting the Bar for an App‑Centric Approach
There is a fundamental shift in the way teams will manage and deliver apps. Traditionally there is a divide between the app teams that develop code and the operations teams that release and manage the finished app. DevOps evolved to bridge this divide, and many organizations swung the pendulum towards developer empowerment. Under pressure to release code faster, app development (AppDev) teams looked for software‑based infrastructure they could deploy, manage, and integrate into their CI/CD workflows, and found an ideal solution in tools like NGINX Open Source and NGINX Plus. The problem? Shadow IT – many developers now sidestep the IT and compliance requirements their companies put in place to protect apps and data.
That’s where an app‑centric approach comes in. Many agree that being app‑centric means starting with the app and keeping it the central focus. But what does that look like exactly? We believe that the following are crucial attributes of an app‑centric delivery solution:
- Consolidated with a modular architecture that combines multiple app services in a single, programmable platform, eliminating tool sprawl and reducing costs.
- Decoupled elements of the solution so they can scale independently, retaining performance and reliability in distributed architectures.
- Abstracted from underlying infrastructure, resulting in true portability as your app grows.
- Instrumented for end-to-end visibility across multiple app services so you can provide powerful insights and meet SLAs with customers without having to aggregate output from disparate monitoring tools.
- Streamlined, with DevOps workflows for canary and blue/green testing, certificate management, and CI/CD integration that don’t require you be a config expert.
- Automated, intelligent scaling of the app at the point of a bottleneck, eliminating the need to scale infrastructure across the entire app.
- Customized with role‑based views so that infrastructure, DevOps, security, and app teams can see app services the way they need to do their job.
- Extended with a self‑service portal so app teams remain agile while operations and security teams retain visibility and control of governance and policy settings.
- Simplified with baked‑in security that pushes the point of control as close to the app logic as possible, so that security doesn’t impair agility or performance.
- Integrated with ecosystem partners so customers have choice, not lock‑in, across preferred CI/CD, monitoring, security, and analytics tools.
This set of characteristics make it possible to effectively balance developer productivity with operations compliance. It also shifts the center of gravity from the infrastructure supporting the app to the app itself. With Controller 3.0, teams – spanning DevOps, NetOps, SecOps, and AppDev – can work together across the app lifecycle, managing the tasks relevant to their roles.
Just as important, these principles enable the solution to grow with organizations as they move into new clouds or adopt new technologies. Such an app‑centric solution simplifies and accelerates modern app deployments, which in turn drives business growth.
So when the NGINX and F5 teams combined after the acquisition to reimagine the next generation of NGINX Controller, we held ourselves to this new, higher standard of app‑centricity.
Introducing Controller 3.0, the First App‑Centric Delivery Platform
The significance of today’s release of NGINX Controller goes beyond a simple “.0” release. We are introducing an app‑centric approach that will change how any NGINX Plus shop – from those just beginning to some of the most advanced, sophisticated teams in the world – can deliver traditional apps, modern apps, and APIs.
There are many new capabilities and features in Controller 3.0. Stay tuned as we deep‑dive on these in upcoming blogs, videos, and demos. For now, I want to provide an overview of the main capabilities that we are delivering for app‑centricity:
Collaborative with a new self‑service portal that supports multiple roles. Consider the common example where AppDev creates a new app feature and opens a ticket to implement blue/green and canary testing. DevOps deploys the feature to production, opening another ticket to configure web servers, load balancers, and API gateways to serve live traffic. Yet another ticket is opened to update WAF policies. These tickets get assigned to NetOps and SecOps teams, which creates a bottleneck and slows time to market.
Controller 3.0 changes the scenario and its outcomes by introducing a self‑service portal, role‑based access control (RBAC), and modular workflows that facilitate a collaborative effort across the deployment lifecycle. The result: No more painful tickets, improved productivity, and faster time to market.
DevOps‑optimized with a new configuration API. We instrumented Controller 3.0 with a RESTful configuration API. Now DevOps teams can manage their workflows without having to connect CI/CD and automation tools separately to each NGINX Plus instance. They write once to the Controller API and Controller manages the complexity of NGINX Plus at the data plane.
Intuitive with a new app‑centric user interface. Teams managing large, complex apps expend considerable energy understanding app behavior. They pull metrics from multiple infrastructure elements into multiple tools in an effort to get an end-to-end view of the app. Controller 3.0 changes this with a new app‑centric UI.
Now you can log in and immediately see the health of your entire app, troubleshoot its components, and define and implement new policies – all in terms of the app, not the underlying NGINX Plus instance. This eliminates the need to stitch together an end-to-end view but still lets you drill down to a detailed view of the infrastructure if necessary.
Efficient with new services like a built‑in certificate manager. It’s not uncommon for app delivery to involve hundreds, if not thousands, of servers, proxies, load balancers, and API gateways. One of the more arduous tasks is managing security certificates across this fleet of infrastructure. NGINX Plus consolidates this infrastructure into a single pool of instances, but users still need complex workflows to maintain certificates.
Controller 3.0 introduces a new, built‑in certificate manager. This, combined with the self‑service portal, API, and app‑centric UI, automates and integrates certificate management into DevOps environments. Controller ensures your infrastructure is compliant and eliminates painful security bottlenecks.
I’m really excited by the new capabilities in Controller 3.0, but this release is just the beginning. We will continue to introduce new app‑centric capabilities in a regular cadence of releases. Our goal is to streamline collaboration among all teams, spanning the entire app and API delivery lifecycle. Removing friction and further optimizing NGINX Plus for DevOps environments significantly improves developer productivity and speeds time to market for new apps.
I’m confident Controller can help you better deliver and manage apps and APIs in a DevOps world. Try it out and let me know what you think. With your feedback, we can continually raise the bar.
Together, we can do better.