BLOG | NGINX

Use Infrastructure as Code to Deploy F5 NGINX Management Suite

NGINX-Part-of-F5-horiz-black-type-RGB
Daniel O'Connor Thumbnail
Daniel O'Connor
Published August 08, 2023
Paul Abel Thumbnail
Paul Abel
Published August 08, 2023

Unlocking the full potential of F5 NGINX Management Suite can help your organization simplify app and API deployment, management, and security. The new NGINX Management Suite Infrastructure as Code (IaC) project aims to help you get started as quickly as possible, while also encouraging the best practices for your chosen deployment environment.

If you are responsible for building software infrastructure, you’re likely familiar with IaC as a modern approach to getting consistent results. However, because there are many ways to achieve an IaC setup, it may be daunting to get started or time consuming to create from scratch.

This blog post introduces the NGINX Management Suite Infrastructure as Code repository and outlines how to set up its individual modules to quickly get them up and running.

Project Overview

There are two established methods to design your IaC. One method is the baked approach, where images are created with the required software and configuration. The other method, the fried approach, is to deploy your servers and continuously configure them using a configuration management tool. You can watch this NGINX talk<.htmla> to learn about immutable infrastructure, including the differences between baked and fried images.

In the NGINX Management Suite IaC repository, we take the baked approach – using Packer to bake the images and then Terraform to deploy instances of these images. By creating a pre-baked image, you can speed up the deployment process of your individual NGINX Management Suite systems as well as the consistency of your infrastructure.

Working with the GitHub Repo

The Packer output is an image/machine with NGINX Management Suite and all supported modules installed (at the time of writing, these are Instance Manager, API Connectivity Manager, Security Monitoring, and Application Delivery Manager ). The license you apply determines which modules you are able to utilize. You can find your license information in the MyF5 Customer Portal or, if you’re not already a customer, you can request a 30-day free trial of API Connectivity Stack or App Delivery Stack to get started.

Confidential information, such as passwords or certificates, are removed during the image generation process. The images can be built using any NGINX Management Suite supported OS and by modifying build parameters. NGINX provides support for several cloud and on-premises environments for both image building and deployment with the intent to actively add support for more. At the time of writing, the setups in the table below are supported.

Cloud Provider

Packer for NGINX Management Suite

Packer for NGINX Plus

Terraform for Basic Reference Architecture

Terraform for Standalone NGINX Management Suite

AWS

GCP

Azure

vSphere

The basic reference architecture deploys an NGINX Management Suite instance with the required amount of NGINX Plus instances. The network topology deployed adheres to best practices for the targeted cloud provider.

For example, if you are using Amazon Web Services (AWS), you can deploy this infrastructure:

AWS Infrastructure example

How to Get Started

To start using IaC for NGINX Management Suite, clone this repository and follow the README for building your images. For the basic reference architecture, you will need to follow the Packer guides to generate an NGINX Management Suite and NGINX Plus image.

After you have generated your images, you can use them to deploy your reference architecture. The Terraform stack uses sensible defaults with configuration options that can be edited to suit your needs.

How to Contribute

This repository is in active development and we welcome contributions from the community. For more information please view our contributing guide.

Additional Resources


"This blog post may reference products that are no longer available and/or no longer supported. For the most current information about available F5 NGINX products and solutions, explore our NGINX product family. NGINX is now part of F5. All previous NGINX.com links will redirect to similar NGINX content on F5.com."