This part of our series on deploying NGINX Plus as an API gateway - along with its other rich functionality - focuses on gatewaying gRPC services. gRPC is an alternative to REST APIs for building distributed applications, service mesh implementations in particular.

In the second post in our API gateway series, Liam shows you how to batten down the hatches on your API services. You can use rate limiting, access restrictions, request size limits, and request body validation to frustrate illegitimate or overly burdensome requests.

The advanced HTTP processing capabilities of NGINX and NGINX Plus make it the ideal platform for building an API gateway. We describe API use cases, show how to configure NGINX to handle them in a way that is efficient, scalable, and easy to maintain, and provide a complete NGINX configuration.

Automation is essential to delivering modern digital experiences. We've created four video demos showing how to automate deployment of NGINX Plus and NGINX App Protect, NGINX Controller, an NGINX Plus data plane using Controller, and GSLB using F5 DNS Cloud Services.

We compare the reverse proxying performance of HAProxy and NGINX. Performance is similar until the request rate is large enough for HAProxy to hit 100% CPU utilization. At that point, its performance degrades significantly while NGINX continues to experience almost no latency.

Since our last update, the NGINX Unit team has released three versions, 1.19.0 through 1.21.0. New features include support for ASGI with Python, multi-threading with several languages (Java, Perl, Python, Ruby), regular expressions in routing conditions, and more.

We explain how NGINX Controller App Security for application delivery provides threat visibility and actionable analytics, enabling SecOps to prevent potential threats, respond in a timely way, and mitigate false positives, resulting in an improved app security posture.

We introduce the NGINX Controller App Security add-on for Controller Application Delivery, which provides an app-centric, self-service way for app teams to enable WAF protection for their apps, while security teams can still define policies and monitor apps for compliance.

NGINX Plus R23 introduces new features including health checks for backend gRPC servers, unprivileged installation, support for the OpenID Connect PKCE extension, finer-grained control over TLS connections, a new method of setting cookie flags, and NGINX JavaScript enhancements.

Release 1.9.0 of the NGINX Ingress Controller introduces updated NGINX App Protect features, new policies (JWT validation, rate limiting, and mTLS authentication), improved visibility with new metrics and Grafana dashboards, integration with NGINX Service Mesh, and more.