This document describes NGINX Instance Manager.
Make NGINX even simpler to configure, scale, and maintain.
NGINX Instance Manager (“NIM”) is designed for anyone who uses NGINX and has seen an nginx.conf file before.
NGINX is an amazing proxy and web server (and more) and does these functions well. It handles heavy traffic, is lightweight and compact, and uses resources very carefully. What it does, it does well.
NGINX Users have told us of several needs and we created NIM to help deliver them (not inclusive):
- API for NGINX to push and pull configuration changes (ideally gRPC)
- Instance management of NGINX Open Source (and custom compiled versions)
- Adopting existing running NGINX instances and handling anything they can run
- Integration into existing CI/CD pipelines
- Utilization of native linux tools and processes (systemd, selinux, rpm/apt packages)
- High instance count (10,000+) support
- Fast and lightweight (like NGINX)
- Certificate Expiration
NGINX Instance Manager is a centralized control plane for NGINX data plane instances. NIM provides an API, configuration management, and metrics for NGINX instances, Open Source and Plus. NIM works with existing tools and processes you already have.
If another tool can provide functionality, we utilize it first before building it into NIM directly. This allows immediate functionality and flexibility for you to choose the tools you want to use. As we learn more about required functions, we will build more into the server.
NIM does not expect to be the single source of truth. You likely have something else (perhaps git) functioning as your source of conf files. NIM will respect any other tool owning the configuration files and expects changes to happen outside of NIM.
We beleive NGINX is the best tool to place in front of web applications and we place NGINX Plus in front of NIM also. NGINX Plus provides several authentication and encyption options you can utilize. In addition, it allows you to present the API, User Interface and agent connections as you desire. All traffic uses the http context (including agent to server traffic).
NIM installs using localhost only (not exposed to the outside by default). The conf files specify certificates and keys expecting mTLS to be used.
We expect to handle many variations with NGINX. Operating Systems, custom compiled version and the use of LUA scripts are all expected for NIM. We focus on not breaking on any combination first, then focus on parsing and adding value to features second.
NIM is designed to be fast. The install is in seconds, the config update is about 1 second and metrics should be able to be gathered in up to 1s intervals.