End of Sale Notice:
F5 NGINX is announcing the End of Sale (EoS) for NGINX Management Suite API Connectivity Manager Module, effective January 1, 2024.
F5 maintains generous lifecycle policies that allow customers to continue support and receive product updates. Existing API Connectivity Manager Module customers can continue to use the product past the EoS date. License renewals are not available after September 30, 2024.
See our End of Sale announcement for more details.
Architecture Overview
Learn about the F5 NGINX Management Suite API Connectivity Manager architecture.
Overview
This topic provides an overview of the API Connectivity Manager architecture and personas.
Terminology
This document introduces the following concepts.
Topology
Term |
Description |
|---|---|
| Management Plane | The management plane is an abstraction layer used to configure, monitor, and manage the layers of a network stack. API Connectivity Manager, a part of the management plane, establishes guardrails and configures rules for the data plane. |
| Data Plane | F5 NGINX Plus instances in the traffic path that act as load balancers, API gateways, firewalls, ingress controllers, and caching systems. |
| Proxy Cluster | NGINX is widely known as a reverse proxy, and a Proxy Cluster is a set of one or more NGINX Plus servers working together. A proxy cluster keeps configurations in sync across all instances and maintains data consistency by sharing the runtime state. Examples:
|
Platform Services
API Connectivity Manager uses NATS to communicate with the NGINX Management Suite platform services.
Service |
Description |
|---|---|
| Core | The core service configures and sets up the management plane, as well as performs data analysis for metrics, events, and alerts. |
| Data Plane Manager (DPM) | The data plane manager (DPM) service is responsible for configuring NGINX instances on the data plane, monitoring the state of data plane resources, and generating reports and event messages. |
| Ingestion | The ingestion service collects metrics, security violations, and events that are not sent to the data plane manager service by the NGINX Agent. This information can be forwarded to external data stores. |
| Integrations | The integrations process includes features for interacting with external components, like configuring NGINX App Protect WAF policies, managing threat campaigns, and more. |
Architecture
The following diagram shows how API Connectivity Manager’s components are organized and interact.
Note:
API Connectivity Manager takes an API-first approach: commands issued using the web interface are processed using the API Connectivity Manager REST API.
Personas
Infrastructure Admin
Infrastructure Admins, interacting primarily with the management plane, manage the infrastructure for hosts.
Routine tasks
- Configure SSO
- Provision the infrastructure
- Configure domain names
- Manage data plane hosts
- Manage certificates
- Enforce global/enterprise policies
API Owner
API Owners oversee the API lifecycle, which they can maintain using a CI/CD pipeline.
The API Owner relies on the Infrastructure Admin to complete the initial configuration before beginning work.
Routine tasks
- Set up an API team
- On-board an API
- Configure policies to meet Quality of Service (QoS) commitments
- Select the API Gateway cluster for publishing an API
- Select the Dev Portal cluster for publishing API documentation
Application Owner
Application Owners develop new digital experiences.
Routine tasks
- Learn about APIs and API contracts by reading the documentation on the Dev Portal.
- Test APIs using the “Try It Out” feature in the on-board documentation.