NGINX AppWorld Labs - Index

Welcome to the NGINX Modern Apps labs at AppWorld 2025

The content contained here leverages a full DevOps CI/CD pipeline and is sourced from the GitHub repository at https://github.com/f5devcentral/f5-agility-labs-nginx. Bugs and Requests for enhancements can be made by opening an Issue within the repository.

Contents:

• Class 1 - Intro to NGINX Plus
  • Introduction
  • Module 1: Introduction to NGINX Plus Concepts
  • Module 2: Introduction to custom NGINX Plus logging
  • Module 3: Introduction to the NGINX Plus API
• Class 2 - NGINX Plus CI/CD Lab
  • Introduction
  • Module 1: Creating docker images for NGINX Plus
  • Module 2: Deploying NGINX Plus web server with CI/CD
  • Module 3: Continuous Deployment for NGINX Plus Load Balancers
• Class 3 - NGINX Dataplane Scripting
  • Getting Started
  • Hello World [http/hello]
  • Decode URI [http/decode_uri]
  • Extract JWT Payload into NGINX Variable [http/authorization/jwt]
  • Subrequests join [http/join_subrequests]
  • Secure hash [http/authorization/secure_link_hash]
  • File IO [misc/file_io]
  • Complex redirects using njs file map. [http/complex_redirects]
  • Injecting HTTP header using stream proxy [stream/inject_header]
  • Generating JWT token [http/authorization/gen_hs_jwt]
  • Choosing upstream in stream based on the underlying protocol [stream/detect_http]
  • Authorizing requests using auth_request [http/authorization/auth_request]
  • Authorizing requests based on request body content [http/authorization/request_body]
  • Subrequests chaining [http/subrequests_chaining]
  • Authorizing connections using ngx.fetch() as auth_request [stream/auth_request]
  • Modifying or deleting cookies sent by the upstream server [http/response/modify_set_cookie]
  • Converting response body characters to lower case [http/response/to_lower_case]
  • Reading subject alternative from client certificate [http/certs/subject_alternative]
• Class 4 - Introduction to NGINX Instance Manager
  • Introduction
  • Background
  • Overview
  • Module 1: Access the NGINX Instance Manager UI and Scan for instances
  • Module 2: Managing NGINX Instances
  • Module 3: Securing NGINX Instance Manager
• Class 5 - Application Security and Observability with NAP
  • Introduction
  • Module 1: NGINX App Protect 5 OSS in a VM
  • Module 2: NGINX App Protect 5 in a Kubernetes Cluster
• Class 6 - NGINX API Management
  • Module 1 - Deploying an API for a modern app
  • Module 2 - Deploy the API Gateway instance
  • Module 3 - Publish the API
  • Module 4 - Add security controls
  • Module 5 - DevPortal
  • Module 6 - Reporting
• Class 7 - NGINX Kubernetes Ingress Controller, the new Rancher Manager and Rancher Kubernetes Engine 2
  • Introduction
  • Module 1: UDF and Environment walk through.
  • Module 2: Using the provided GitHub GIST you will Stand up the Rancher Kubernetes Engine 2 (RKE2) and deploy NGINX Ingress Controller
• Class 8 - Mastering NGINX One: Performance Tuning and Security Hardening Best Practices
  • Getting Familiar with the Lab
  • Start Your Tuning
  • High Volume Testing, Identifying Break Points
  • Tuning Buffers and Cache
  • Additional Tuning Parameters and Best Practices
  • Security Hardening
• Class 9: Zero Trust at Scale with F5 NGINX
  • Introduction
  • Let’s Get Started - Join the UDF Course
  • Installing Prerequisites:
  • Configuring the BIG-IP APM as an Authorization Server
  • Configure NGINX Plus as the OpenID Connect relying party
  • Testing the config
  • Manage NGINX Plus with Instance Manager
• Class 10 - NMS API Connectivity Manager
  • Module 1 - Deploying an API for a modern app
  • Module 2 - Infrastructure team - Deploy Nginx instances
  • Module 3 - API Team - Publish API v1.0
  • Module 4 - Dev Team - Consume API v1.0
  • Module 5 - API Team - Publish API v2.0
  • Module 6 - Dev Team - Consume API v2.0
  • Module 7 - Advanced Security Lab
  • Module 8 - Observability and Monitoring
• Class 11 - F5 NGINX Plus Ingress Controller as an API Gateway for Kubernetes
  • Task 00: Kubernetes Lab Environment
  • Task 01: Create API Service in Kubernetes
  • Task 02: Create https://jobs.local/get-job API endpoint
  • Task 03: Complete the https://jobs.local Application
  • Task 04: OpenAPI Spec Enforcement with NGINX App Protect
  • Task 05: Authorization - Signed JSON Web Token (JWT) Validation
  • Task 06: API Request Rate-Limiting
• Class 12 - The Path to Understanding Kubernetes and Containers
  • The Path to Understanding Kubernetes and Containers - Intro
  • Official Kubernetes Documentation
  • Lab Inventory
  • Accessing the Lab
  • Module 1 - Container and Kubernetes Overview
  • Module 2 - Kubernetes Operations
  • Module 3 - Kubernetes Troubleshooting
• Class 13 - Maximize ROI with F5 NGINX App Protect(NAP) using Observability
  • Introduction
  • Get familiar with the components in UDF
  • NGINX App Protect WAF Dashboard
  • GitOps continuous delivery for NGINX App Protect with ArgoCD
• Class 14 – Operationalize NGINX One Configuration and Enable Self-Service through Templates
  • Introduction
  • Intro - UDF blueprint deployment
  • Understanding the NGINX Instance Manager solution
  • Introduction to NIM Templates
  • Importing NIM Templates
  • Configure NGINX Using a Template
  • Configure PyGoat Application Using a Template
  • Advanced Configuration
  • Permissions Validation
  • Update Template Submission
  • Importing Augment Templates
  • Apply the Custom 404 Augment Template
  • Import Rate Limiting Augment Template
  • Apply the Rate Limiting Augment Template
  • Test the Rate Limiting Augment Template
  • Examine Additional Custom Templates
• Class 15 - Introduction to F5 AI Gateway
  • Introduction
  • Module 1 - F5 AI Gateway configuration walkthrough
  • Module 2 - Accessing the lab environment
  • Module 3 - Understanding the AI Assistant application flow
  • Module 4 - LLM01: Prompt Injection Attack
  • Module 5 - Smart routing using language-id processor
  • Module 6 - LLM02: Sensitive Information Disclosure
  • Module 7 - LLM07: System Prompt Leakage
• Class 16 - Beyond Models: A Practical Guide to Protecting Your AI-Powered Apps
  • Acessing the lab resources
  • Publish the application
  • Getting to know the ChatBot
  • Protecting the Application
  • Protecting the ChatBot with AI Gateway