NGINX AppWorld Labs - Index

Welcome to the NGINX Modern Apps labs at AppWorld 2024

The content contained here leverages a full DevOps CI/CD pipeline and is sourced from the GitHub repository at https://github.com/f5devcentral/f5-agility-labs-nginx. Bugs and Requests for enhancements can be made by opening an Issue within the repository.

Contents:

• Class 1 - Intro to NGINX Plus
  • Introduction
  • Module 1: Introduction to NGINX Plus Concepts
  • Module 2: Introduction to custom NGINX Plus logging
  • Module 3: Introduction to the NGINX Plus API
• Class 2 - NGINX Plus CI/CD Lab
  • Introduction
  • Module 1: Creating docker images for NGINX Plus
  • Module 2: Deploying NGINX Plus web server with CI/CD
  • Module 3: Continuous Deployment for NGINX Plus Load Balancers
• Class 3 - NGINX Dataplane Scripting
  • Getting Started
  • Hello World [http/hello]
  • Decode URI [http/decode_uri]
  • Extract JWT Payload into NGINX Variable [http/authorization/jwt]
  • Subrequests join [http/join_subrequests]
  • Secure hash [http/authorization/secure_link_hash]
  • File IO [misc/file_io]
  • Complex redirects using njs file map. [http/complex_redirects]
  • Injecting HTTP header using stream proxy [stream/inject_header]
  • Generating JWT token [http/authorization/gen_hs_jwt]
  • Choosing upstream in stream based on the underlying protocol [stream/detect_http]
  • Authorizing requests using auth_request [http/authorization/auth_request]
  • Authorizing requests based on request body content [http/authorization/request_body]
  • Subrequests chaining [http/subrequests_chaining]
  • Authorizing connections using ngx.fetch() as auth_request [stream/auth_request]
  • Modifying or deleting cookies sent by the upstream server [http/response/modify_set_cookie]
  • Converting response body characters to lower case [http/response/to_lower_case]
  • Reading subject alternative from client certificate [http/certs/subject_alternative]
• Class 4 - Introduction to NGINX Instance Manager
  • Introduction
  • Background
  • Overview
  • Module 1: Access the NGINX Instance Manager UI and Scan for instances
  • Module 2: Managing NGINX Instances
  • Module 3: Securing NGINX Instance Manager
• Class 5 - NGINX App Protect WAF & DoS
  • NGINX App Protect WAF Overview
  • Deployment Modes
  • Deployment environments
  • Lab Overview
  • NGINX Acronyms
  • NGINX App Protect WAF Terminology
  • Official NGINX Documentation
  • Lab Inventory
  • Accessing the Lab
  • Module 1 - Test Driving NGINX Plus with App Protect WAF and NGINX Instance Manager
  • Module 2 - Protect the Arcadia Finance App with NGINX App Protect WAF
  • Module 3 - Modern Apps NGINX App Protect WAF Deployment
  • Module 4 - API Security
  • Module 5 - Advanced Tools and Features
  • NGINX App Protect DoS
  • Topology
  • Attack Scripts
  • Module 6 - HTTP/2 and GRPC DoS Attack on an Unprotected Application
  • Module 7 - Install and Enable NGINX App Protect DoS
  • Module 8 - Establishing Application Traffic Baseline
  • Module 9 - Protecting HTTP and gRPC Services from Application Layer DoS Attacks
  • Module 10 - Live Activity Monitoring with NGINX App Protect DoS Dashboard
  • Conclusion
• Class 6 - NGINX API Management
  • Module 1 - Deploying an API for a modern app
  • Module 2 - Deploy the API Gateway instance
  • Module 3 - Publish the API
  • Module 4 - Add security controls
  • Module 5 - DevPortal
  • Module 6 - Reporting
• Class 7 - NGINX Kubernetes Ingress Controller, the new Rancher Manager and Rancher Kubernetes Engine 2
  • Introduction
  • Module 1: UDF and Environment walk through.
  • Module 2: Using the provided GitHub GIST you will Stand up the Rancher Kubernetes Engine 2 (RKE2) and deploy NGINX Ingress Controller
• Class 8: Performance Tuning NGINX Plus
  • Getting familiar with the Lab
  • Start your Tuning
  • High Volume Testing, Identifying Break Points
  • Tuning Buffers and Cache
  • Additional Tuning Parameters and Best Practices
• Class 9: Access on NGINX Plus - Authentication for Web Access
  • Introduction
  • Let’s Get Started - Join the UDF Course
  • Installing Prerequisites:
  • Configuring the IdP Keycloak
  • Configure NGINX Plus as the OpenID Connect relying party
  • Testing the config
  • Manage NGINX Plus with Instance Manager
• Class 10 - NMS API Connectivity Manager
  • Module 1 - Deploying an API for a modern app
  • Module 2 - Infrastructure team - Deploy Nginx instances
  • Module 3 - API Team - Publish API v1.0
  • Module 4 - Dev Team - Consume API v1.0
  • Module 5 - API Team - Publish API v2.0
  • Module 6 - Dev Team - Consume API v2.0
  • Module 7 - Advanced Security Lab
  • Module 8 - Observability and Monitoring
• Class 11 - F5 NGINX Plus Ingress Controller as an API Gateway for Kubernetes
  • Task 00: Kubernetes Lab Environment
  • Task 01: Create API Service in Kubernetes
  • Task 02: Create https://jobs.local/get-job API endpoint
  • Task 03: Complete the https://jobs.local Application
  • Task 04: OpenAPI Spec Enforcement with NGINX App Protect
  • Task 05: Authorization - Signed JSON Web Token (JWT) Validation
  • Task 06: API Request Rate-Limiting
• Class 12 - The Path to Understanding Kubernetes and Containers
  • The Path to Understanding Kubernetes and Containers - Intro
  • Official Kubernetes Documentation
  • Lab Inventory
  • Accessing the Lab
  • Module 1 - Container and Kubernetes Overview
  • Module 2 - Kubernetes Operations
  • Module 3 - Kubernetes Troubleshooting
• Class 13 - Maximize ROI with F5 NGINX App Protect(NAP) using Observability
  • Introduction
  • Get familiar with the components in UDF
  • NGINX App Protect WAF Dashboard
  • GitOps continuous delivery for NGINX App Protect with ArgoCD