F5 Agility Labs - Index

Welcome to the F5 NGINX Solutions lab at F5 Agility 2022

The content contained here leverages a full DevOps CI/CD pipeline and is sourced from the GitHub repository at https://github.com/f5devcentral/f5-agility-labs-nginx. Bugs and Requests for enhancements can be made by opening an Issue within the repository.

Contents:

• Class1 - Intro to NGINX Plus
  • Introduction
  • Module 1: Introduction to NGINX Plus Concepts
  • Module 2: Introduction to custom NGINX Plus logging
  • Module 3: Introduction to the NGINX Plus API
• Class2 - NGINX Plus CI/CD Lab
  • Introduction
  • Module 1: Creating docker images for NGINX Plus
  • Module 2: Deploying NGINX Plus web server with CI/CD
  • Module 3: Continuous Deployment for NGINX Plus Load Balancers
• Class3 - NGINX Dataplane Scripting
  • Getting Started
  • Hello World [http/hello]
  • Decode URI [http/decode_uri]
  • Extract JWT Payload into NGINX Variable [http/authorization/jwt]
  • Subrequests join [http/join_subrequests]
  • Secure hash [http/authorization/secure_link_hash]
  • File IO [misc/file_io]
  • Complex redirects using njs file map. [http/complex_redirects]
  • Injecting HTTP header using stream proxy [stream/inject_header]
  • Generating JWT token [http/authorization/gen_hs_jwt]
  • Choosing upstream in stream based on the underlying protocol [stream/detect_http]
  • Authorizing requests using auth_request [http/authorization/auth_request]
  • Authorizing requests based on request body content [http/authorization/request_body]
  • Subrequests chaining [http/subrequests_chaining]
  • Authorizing connections using ngx.fetch() as auth_request [stream/auth_request]
  • Modifying or deleting cookies sent by the upstream server [http/response/modify_set_cookie]
  • Converting response body characters to lower case [http/response/to_lower_case]
  • Reading subject alternative from client certificate [http/certs/subject_alternative]
• Class4 - Introduction to NGINX Instance Manager
  • Introduction
  • Background
  • Overview
  • Module 1: Access the NGINX Instance Manager UI and Scan for instances
  • Module 2: Managing NGINX Instances
  • Module 3: Securing NGINX Instance Manager
• Class5 - NGINX App Protect
  • Module 1 - Deploy modern application with modern tools
  • Module 2 - Protect Arcadia with NGINX App Protect in Linux host
  • Module 3 - Protect Arcadia with NGINX App Protect in Docker
  • Module 4 - Protect Arcadia with NGINX App Protect in Kubernetes Ingress Controller
  • Module 5 - API Security
  • Module 6 - Advanced features
• Class6 - NGINX API Management
  • Module 1 - Deploying an API for a modern app
  • Module 2 - Deploy the API Gateway instance
  • Module 3 - Publish the API
  • Module 4 - Add security controls
  • Module 5 - DevPortal
  • Module 6 - Reporting
• Class7 - NGINX Kubernetes Ingress Controller, the new Rancher Manager and Rancher Kubernetes Engine 2
  • Introduction
  • Module 1: UDF and Environment walk through.
  • Module 2: Using the provided GitHub GIST you will Stand up the Rancher Kubernetes Engine 2 (RKE2) and deploy NGINX Ingress Controller
• Class8 - NGINX App Protect Denial of Service (NAP DoS)
  • Introduction
  • Lab Topology
  • Attack Scripts
  • Module 1 - HTTP/2 and GRPC DoS Attack on Unprotected Application
  • Module 2 - Install and Enable NGINX AppProtect DoS
  • Module 3 - Establishing Application Traffic Baseline
  • Module 4 - Protecting HTTP and gRPC Services from Application Layer DoS Attacks
  • Module 5 - Reporting and Monitoring NAP DoS using ELK Stack
  • Module 6 - Live Activity Monitoring with NAP DoS Dashboard
• Class 9: Access on NGINX+ - Authentication for Web Access
  • Introduction
  • Let’s Get Started - Join UDF Course
  • Installing Prerequisites:
  • Configuring the IdP Keycloak:
  • Configure NGINX Plus as the OpenID Connect relying party
  • Testing the config