2.22.0 release notes

April 28, 2026

NGINX Instance Manager 2.22.0 release notes

Upgrade Paths

NGINX Instance Manager 2.22.0 supports upgrades from these previous versions:

  • 2.19.0 - 2.21.1

If your NGINX Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

What’s new

This release includes the following updates:

  • Use the default SCC on OpenShift

    Starting in v2.22.0, NGINX Instance Manager Helm deployments on OpenShift use the cluster’s default Security Context Constraint (SCC) when you set openshift.enabled: true. NGINX Instance Manager no longer requires a custom SCC with fixed UIDs (1000 and 101). This simplifies installation and improves OpenShift compatibility. For details, see Appendix: OpenShift security constraints.

  • New licensing flow sends raw usage data; JWT license no longer required

    NGINX Instance Manager now sends raw usage data to the new licensing endpoint instead of aggregated data to the legacy endpoint. A JWT license is no longer required, and disconnected environments no longer need to upload usage report acknowledgements.

    For more information, see Add a license (connected) and Add a license (disconnected).

  • Log profiles section added to the NGINX Instance Manager UI

    NGINX Instance Manager now includes a Log Profiles section in the UI, where you can view, manage, configure, compile, and download log profiles. The section includes form-based and JSON-based editors, similar to the WAF Policies section.

  • Custom TLS certificates now supported through Vault and external service certificates

    NGINX Instance Manager now supports custom TLS certificates for its API Gateway and externally provided internal service certificates. The Helm chart supports both the existing default certificate flow and a new external certificates flow for pre-existing per-service secrets.

    For more information, see Use external TLS certificates.

Changes in default behavior

This release has the following changes in default behavior:

  • Saving a modified WAF policy now always creates a new version

    NGINX Instance Manager now creates a new version each time a modified WAF policy is saved, even if the current version isn’t deployed. Previously, a new version was created only for deployed policy versions.

    • The PUT endpoint for updating WAF policies is deprecated.
    • Submit WAF policy changes through POST requests.

  • Usage reporting and the NGINX Usage page have changed in version 2.22

    The new licensing endpoint is: https://product.connect.nginx.com/api/nginx-usage/batch

    • In connected environments that restrict outbound access, add the new licensing endpoint to your allowlist.
    • In disconnected mode, use the new bash script to process the larger download file.
    • The NGINX Usage page no longer shows hourly aggregated data. It now shows usage reporting details such as instance and cluster IDs and last reported times.

    For more information, see Report usage data to F5 (connected) and Report usage data to F5 (disconnected).

Known issues

You can find information about known issues in the Known Issues topic.

View source
Edit this page
Create a new issue