NGINX announces the latest branches of NGINX Open Source, the stable 1.16 branch and the mainline 1.17 branch. New to the stable branch are improvements to UDP proxying, the Random load‑balancing method, support for TLS 1.3 early data, dynamic loading of SSL certificates, and more.

Release 1.5.0 of the NGINX Ingress Controller for Kubernetes introduces a new configuration schema, extended Prometheus-based metrics, simplifications to TLS configuration, support for load balancing traffic to ExternalName services, and a new repository for Helm charts.

NGINX and NGINX Plus can act as an OAuth 2.0 Relying Party, sending access tokens to the Idenity Provider for validation and only proxying requests that pass the validation process.

NGINX is expanding its offerings for the public cloud. Enhancements include support for Amazon EC2 A1 Instances, CentOS 8, and RHEL 8; the NGINX Plus Enterprise Edition; a developer marketplace in partnership with DigitalOcean; and new NGINX Plus Certified Modules.

In this blog we compare the performance of the NGINX Controller API Management Module and Kong. The API Management Module outperforms Kong on every metric: added latency, API calls per second (with and without JWT authentication), and CPU usage.

In this installment of our "Ask NGINX" series, we describe how NGINX and NGINX Plus work with Diffie-Hellman, support for Datagram Transport Layer Security, controlling how long content remains in the cache, and how to add the NGINX WAF to an NGINX Plus subscription.

With NGINX conditional logging, you can log a subset of requests which have defined characteristics. This blog uses it to solve a real-world customer use case: the need to reject obsolete and insecure SSL/TLS ciphers without excluding legitimate users of legacy devices.

The second post of our series about protecting SSL private keys shows how to set up HashiCorp Vault to store the passwords that protect private keys, and to configure NGINX to retrieve the passwords. We also discuss using a hardware security module for even greater security.

This blog describes the performance you can achieve with the NGINX Ingress Controller for Kubernetes, in terms of three metrics: requests per second, SSL/TLS transactions per second, and throughput. The full NGINX and Kubernetes configurations we used are included.

One of the biggest challenges in scaling deployments on the Internet of Things is device management, particularly over-the-air updates, commonly called OTA. Guest blogger DeveloperSteve shows how to automate OTA using NGINX as an API gateway, along with the NGINX JavaScript module.