Navigate the complexity of distributed environments and securely deliver APIs at scale with this three-tier approach to hybrid and multi-cloud architectures.
NGINX Kubernetes Gateway, our implementation of the Kubernetes Gateway API, enables multiple teams to manage Kubernetes infrastructure in modern app environments. It delivers many capabilities natively that with an Ingress controller require CRDs.
NGINX Management Suite provides holistic visibility and control of NGINX instances, application delivery services, API management workflows, and security solutions.
Popular apps can be vulnerable to traffic surges that overwhelm the APIs and cause cascade failures. In this tutorial, Daniele Polencic of learnk8s demonstrates how to use multiple NGINX Ingress Controllers combined with enable rate limiting to prevent Kubernetes apps and APIs from crashing.
Unit 2 of Microservices March 2022 is all about how to expose your APIs in Kubernetes. Here are links to the resources you need: the livestream taking place on March 14, blogs and other prep resources, and the hands-on lab, “Protect Kubernetes APIs with Rate Limiting”.
When you need an API gateway in Kubernetes, how do you choose among API gateway vs. Ingress controller vs. service mesh? We guide you through the decision, with sample scenarios for north-south and east-west API traffic, plus use cases where an API gateway is the right tool.
With NGINX Plus as an API gateway, you can use JSON Web Tokens (JWTs) to control access to your APIs. We explain how to configure the gateway for JWT-based authentication, issue JWTs to API clients, rate limit, log claims from the JWT, and revoke JWTs.
This part of our series on deploying NGINX Plus as an API gateway - along with its other rich functionality - focuses on gatewaying gRPC services. gRPC is an alternative to REST APIs for building distributed applications, service mesh implementations in particular.
In the second post in our API gateway series, Liam shows you how to batten down the hatches on your API services. You can use rate limiting, access restrictions, request size limits, and request body validation to frustrate illegitimate or overly burdensome requests.