2.10.0 release notes
April 26, 2023
NGINX Instance Manager 2.10.0 release notes
NGINX Instance Manager 2.10.0 supports upgrades from these previous versions:
- 2.7.0 - 2.9.1
If your NGINX Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.
This release includes the following updates:
-
New "Category" Filter in the Events web interface
You can now filter entries in the Events web interface using a new "Category" filter. Categories for event entries include "Certs", "Instance Groups", and "Templates".
-
New NGINX Agent install flag for F5 WAF for NGINX
The NGINX Agent installation script now has a flag to enable the default configuration required for F5 WAF for NGINX. It is used to retrieve the deployment status and
precompiled_publicationmode, with an option for the F5 WAF for NGINX instance to use the mode for policies. -
NGINX Management Suite version now visible in the web interface and API
You can now look up the NGINX Management Suite and NGINX Instance Manager versions in the web interface and API. Other module versions are also visible, though older versions of API Connectivity Manager and Security Monitoring may appear as undefined.
-
NGINX Management Suite can now use NGINX Ingress Controller to manage routing
The NGINX Management Suite Helm Chart can now generate an NGINX Ingress Controller VirtualServer definition, which can be used to expose NGINX Management Suite when running in your Kubernetes cluster. More about the VirtualServer custom resource can be found in the VirtualServer and VirtualServerRoute documentation.
-
Configuration Publication Status now visible in App Security pages.
The most recent publication date and status for an instance’s configuration is now visible on App Security Pages. This reflects configuration for NGINX, NGINX App Protect policies, Attack Signatures and Threat Campaigns.
-
Instance Manager can now automatically retrieve WAF compilers associated with F5 WAF for NGINX instances
Using a user-provided NGINX repository certificate & key after the first set-up of the WAF compiler, Instance Manager can automatically retrieve WAF compilers associated with F5 WAF for NGINX instances. These can be used to publish F5 WAF for NGINX configurations in
precompiled_publicationmode. -
Add option to toggle ICMP scanning in the web interface
You can now explicitly enable or disable ICMP scanning at the top of the "Scan" interface.
-
New NGINX Agent install flag for Security Monitoring
The NGINX Agent installation script now has a flag to enable the default configuration required for the Security Monitoring module.
This release has the following changes in default behavior:
-
Improvements to Role Based Access Control for SSL Certificate and Key management
Role Based Access Control for SSL Certificate and Key management can now use three different objects for precise controls: certificates, systems, and instance groups. Using certificates as an object controls the viewing and assigning of specific certificate and key pairs. Using systems or instance groups allows a user to see all certificates but restricts access for publishing.
-
By default, NGINX Management Suite is not exposed to the internet when installed with a Helm Chart
When NGINX Management Suite is installed using a Helm Chart, it now defaults to a ClusterIP without an external IP address.
This release fixes the following issues. Use your browser’s search function to find the issue ID in the page.
- Installing NGINX Agent on FreeBSD fails with "error 2051: not implemented" (41157)
- Configuration changes for NGINX Agent take longer than expected. (41257)
- SELinux errors encountered when starting NGINX Management Suite on RHEL9 with the SELinux policy installed (41327)
You can find information about known issues in the Known Issues topic.