Release Notes

These release notes list and describe the new features, enhancements, and resolved issues in NGINX Management Suite Instance Manager.


2.6.0

November 17, 2022

Upgrade Paths

Instance Manager 2.6.0 supports upgrades from the following versions:

  • 2.4.0 – 2.5.1

If you are using an older version of Instance Manager, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:
Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

What’s New

This release includes the following updates:

  • Manage and deploy configurations to NGINX App Protect WAF Instances

    This release introduces the following features to manage and deploy configurations to NGINX App Protect instances:

    • Create, upsert, and delete NGINX App Protect WAF security policies
    • Manage NGINX App Protect WAF security configurations by using the NGINX Management Suite user interface or REST API
    • Update Signatures and Threat Campaign packages
    • Compile security configurations into a binary bundle that can be consumed by NGINX App Protect WAF instances
    See Also:
    See the Support for NGINX App Protect WAF section for compatibility requirements.
  • Download metrics module package from NGINX Management Suite

    The metrics module can now be downloaded from the NGINX Management Suite directly. It provides additional metrics dimensions.

  • Adds support for RHEL 9

    Instance Manager 2.6 supports RHEL 9. See the Technical Specifications Guide for details.

  • Support for using HashiCorp Vault for storing secrets

    NGINX Management Suite now supports the use of Hashicorp Vault to store secrets such as SSL Certificates and Keys. Use of a new or existing Vault deployment is supported.

  • Graph and additional data are included in NGINX Plus usage tracking UI

    On the NGINX Plus usage tracking page, the number of NGINX Plus instances used over time is available in a graph. You can also view the minimum, maximum, and average count of concurrent unique instances in a given time period.

  • Adds support for Oracle 8

    Oracle 8 is now a supported distribution starting with Instance Manager 2.6. You can use the RedHat/CentOS distro to install the Oracle 8 package.

Changes in Default Behavior

Instance Manager 2.6.0 has the following changes in default behavior:

  • GET /roles and /roles/{roleName} API responses now include user and group associations

    The GET Roles API response includes any users or groups associated with a role.

Resolved Issues

This release fixes the following issues:

  • Password error “option unknown” occurs when installing NGINX Instance Manager on Ubuntu with OpenSSL v1.1.0 (33055)

Known Issues

  • To view the known issues in this release, see the Known Issues topic.

Support for NGINX App Protect WAF

Instance Manager supports the following versions of NGINX App Protect WAF:

Instance Manager NGINX App Protect WAF
2.6.0 and later Release version 3.12.2
Important:
Instance Manager 2.6.0 does not support upgrading NGINX App Protect WAF on managed instances to which Instance Manager publishes App Protect policies and configurations.

2.5.1

October 11, 2022

Upgrade Paths

Instance Manager 2.5.1 supports direct upgrades from the following versions:

  • 2.3.0 – 2.5.0

If your Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:

Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

If you’re running Instance Manager 1.x or earlier, follow the steps in the Migration Guide to migrate your system to Instance Manager 2.x. Direct upgrades from Instance Manager 1.x and earlier are not supported.

Resolved Issues

This release fixes the following issues:

See Also:
To view the history for an issue, see the Known Issues list.

  • Extended NGINX metrics aren’t reported for NGINX Plus R26 and earlier (37738)

2.5.0

October 4, 2022

Upgrade Paths

Instance Manager 2.5.0 supports direct upgrades from the following versions:

  • 2.3.0 – 2.4.0

If your Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:

Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

If you’re running Instance Manager 1.x or earlier, follow the steps in the Migration Guide to migrate your system to Instance Manager 2.x. Direct upgrades from Instance Manager 1.x and earlier are not supported.

What’s New

This release includes the following updates:

  • Track NGINX Plus usage over time

    When viewing your NGINX Plus instances in the Instance Manager web interface, you can set a date and time filter to review the NGINX Plus instance count for a specific period. Also, you can use the Instance Manager REST API to view the lowest, highest, and average number of NGINX Plus instances over time.

  • New helm charts for each release of Instance Manager

    Each release of Instance Manager now includes a helm chart, which you can use to easily install Instance Manager on Kubernetes. You can download the helm charts from MyF5.

Resolved Issues

This release fixes the following issues:

See Also:
To view the history for an issue, see the Known Issues list.

  • Managed certificates may be overwritten if they have the same name on different datapath certificates (36240)

  • Scan overview page doesn’t scroll to show the full list of instances (36514)


2.4.0

August 16, 2022

Upgrade Paths

Instance Manager 2.4.0 supports direct upgrades from the following versions:

  • 2.2.0 – 2.3.1

If your Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:

Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

If you’re running Instance Manager 1.x or earlier, follow the steps in the Migration Guide to migrate your system to Instance Manager 2.x. Direct upgrades from Instance Manager 1.x and earlier are not supported.

What’s New

This release includes the following updates:

  • Get notified about critical events

    Instance Manager 2.4 adds a notifications panel to the web interface. After logging in to NGINX Management Suite, select the notification bell at the top of the page to view critical system events (WARNING or ERROR level events). Future releases will support additional notification options.

  • See which of your NGINX Plus instances have NGINX App Protect installed

    Now, when you view your NGINX Plus inventory, you can see which instances have NGINX App Protect installed. NGINX App Protect is a modern app‑security solution that works seamlessly in DevOps environments as a robust WAF or app‑level DoS defense, helping you deliver secure apps from code to customer.

Changes in Default Behavior

Instance Manager 2.4.0 has the following changes in default behavior:

  • You no longer need to associate a certificate with an instance using the web interface

    NGINX Management Suite will automatically deploy a certificate to an NGINX instance if the instance’s config references the certificate on the NMS platform.

  • Adds nms-integrations service

    This release adds a new service called nms-integerations. This service is for future integrations; no user management or configuration is needed at this time.


2.3.1

July 21, 2022

Upgrade Paths

Instance Manager 2.3.1 supports direct upgrades from the following versions:

  • 2.1.0 – 2.3.0

If your Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:

Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

If you’re running Instance Manager 1.x or earlier, follow the steps in the Migration Guide to migrate your system to Instance Manager 2.x. Direct upgrades from Instance Manager 1.x and earlier are not supported.

Security Update

Important:
For the protection of our customers, NGINX doesn’t disclose security issues until an investigation has occurred and a fix is available.

This release includes the following security update(s):

  • Instance Manager vulnerability CVE-2022-35241

    In versions of 2.x before 2.3.1 and all versions of 1.x, when Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization.

    This issue has been classified as CWE-400: Uncontrolled Resource Consumption.

    For more information, refer to the AskF5 article K37080719.


2.3.0

June 30, 2022

Upgrade Paths

Instance Manager 2.3.0 supports direct upgrades from the following versions:

  • 2.1.0 – 2.2.0

If your Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:

Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

If you’re running Instance Manager 1.x or earlier, follow the steps in the Migration Guide to migrate your system to Instance Manager 2.x. Direct upgrades from Instance Manager 1.x and earlier are not supported.

What’s New

This release includes the following updates:

  • View a summary of your instances' most important metrics for the last 24 hours

    This release adds a Metrics Summary page, from which you can view key system, network, HTTP request, and connection metrics at a glance for the last 24 hours.

    After logging in to Instance Manager, select an instance on the Instances Overview page, then select the Metrics Summary tab.

  • Track the details for your NGINX Plus instances

    Easily track your NGINX Plus instances from the new NGINX Plus inventory list page. View the current count for all your NGINX Plus instances, as well as each instance’s hostname, UID, version, and the last time each instance was reported to Instance Manager. Select the Export button to export the list of NGINX Plus instances to a .csv file.

  • Explore events in Instance Manager with the Events Catalogs API

    This release introduces a Catalogs API endpoint specifically for viewing Instance Manager events and corresponding information. You can access the endpoint at /analytics/catalogs/events.

  • Support for provisioning users and user groups with SCIM

    Now, you can use SCIM to provision, update, or deprovision users and user groups for your Identity Provider to Instance Manager. SCIM, short for “System for Cross-domain Identity Management,” is an open API for managing identities.

  • Instance Manager provides information about your NGINX App Protect WAF installations

    You can configure NGINX Agent to report the following NGINX App Protect WAF installation information to NGINX Management Suite:

    • the current version of NGINX App Protect WAF
    • the current status of NGINX App Protect WAF (active or inactive)
    • the Attack Signatures package version
    • the Threat Campaigns package version
  • Adds support for Ubuntu 22.04

    The NGINX Management Suite, which includes Instance Manager, now supports Ubuntu 22.04 (Jammy).

    Refer to the Technical Specifications Guide for details.

Changes in Default Behavior

Instance Manager 2.3.0 has the following changes in default behavior:

  • New login screen

    Sometimes it’s the small things that count. Now, when logging in to Instance Manager, you’re treated to an attractive-looking login screen instead of a bland system prompt. 🤩

Resolved Issues

This release fixes the following issues:

See Also:
To view the history for an issue, see the Known Issues list.

  • Post-install steps to load SELinux policy are in the wrong order (34276)

2.2.0

May 25, 2022

Upgrade Paths

Instance Manager 2.2.0 supports direct upgrades from the following versions:

  • 2.0.0 – 2.1.0

If your Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:

Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

If you’re running Instance Manager 1.x or earlier, follow the steps in the Migration Guide to migrate your system to Instance Manager 2.x. Direct upgrades from Instance Manager 1.x and earlier are not supported.

What’s New

  • Adds reporting for NGINX worker metrics (API only)

    The NGINX Agent now gathers metrics for NGINX workers. You can access these metrics using the Instance Manager Metrics API.

    The following worker metrics are reported:

    • The count of NGINX workers
    • CPU, IO, and memory usage
  • Modules field added to Metrics and Dimensions catalogs

    A modules field was added to the Metics and Dimensions catalogs. This field indicates which module or modules the metric or dimension belongs to.

  • New events for NGINX processes and configuration rollbacks

    Now, you can use the Instance Manager Events API or web interface to view events when NGINX instances start and reload or when a configuration is rolled back.

  • Role-based access control added to Events and Metrics pages

    A warning message is shown when users try to view the Events and Metrics pages in the web interface if they don’t have permission to access the Analytics feature. For instructions on assigning access to features using role-based access control (RBAC), see Set Up RBAC.

  • Filter events and metrics with custom time ranges

    Now you can filter events and metrics using a custom date and time range. Select Custom time range in the filter list, then specify the date and time range you want to use.

Changes in Default Behavior

Instance Manager 2.2.0 has the following changes in default behavior:

  • Viewing events requires a valid license

    A valid license is needed to view events using the Instance Manager REST API or web interface. See Add a License for instructions on how to get and add a license.

Resolved Issues

This release fixes the following issues:

See Also:
To view the history for an issue, see the Known Issues list.

  • Running Agent install script with sh returns “not found” error (33385)

2.1.0

April 5, 2022

Upgrade Paths

Instance Manager 2.1.0 supports direct upgrades from the following versions:

  • 2.0.0 – 2.0.1
See Also:

See the Upgrade Guide for important information and steps that you must review and follow when upgrading Instance Manager and the NGINX Agent.

If you’re running Instance Manager 1.x or earlier, follow the steps in the Migration Guide to migrate your system to Instance Manager 2.x. Direct upgrades from Instance Manager 1.x and earlier are not supported.

What’s New

This release includes the following new features and enhancements:

  • Adds Docker support for NGINX Agent

    Now you can collect metrics about the Docker containers that the NGINX Agent is running in. The NGINX Agent uses the available cgroup files to calculate metrics like CPU and memory usage.

    If you have multiple Docker containers on your data plane host, each container registers with Instance Manager as unique.

    Refer to the NGINX Agent Docker Support guide for details.

    Note:
    Containerizing the NGINX Agent is supported only with Docker at the moment. Look for additional container support in future releases of Instance Manager.
  • New RBAC lets you limit access to Instance Manager features

    RBAC has been updated and improved. Add users to roles – or add users to user groups if you’re using an external identity provider – to limit access to Instance Manager features.

    For more information, see the tutorial Set Up RBAC.

  • Deploy Instance Manager on Kubernetes using a helm chart

    We recommend using the Instance Manager helm chart to install Instance Manager on Kubernetes.

    Among the benefits of deploying from a helm chart, the chart includes the required services, which you can scale independently as needed; upgrades can be done with a single helm command; and there’s no requirement for root privileges.

    For instructions, see Install from a Helm Chart.

  • Improved certificate handling

    Stability and performance improvements for managing certificates using the web interface.

  • View events for your NGINX instances

    Now you can use the Instance Manager API or web interface to view events for your NGINX instances.

    See the View Events and View Events (API) topics for instructions.

  • Redesigned metrics views in the web interface

    The metrics pages in the web interface have been revised and improved.

    See the View Metrics topic to get started.

Changes in Default Behavior

Instance Manager 2.1.0 has the following changes in default behavior:

  • Tags are no longer enforced for RBAC or set when creating or updating a role

    If you’re using tags for RBAC on an earlier version of Instance Manager, you’ll need to re-create your roles after upgrading. Tags assigned to instances for the purpose of RBAC won’t be honored after you upgrade.

    See the What’s New section for details about the new Instance Manager RBAC authorization system.

  • The DeploymentDetails API now requires values for failure and success

    The DeploymentDetails API spec has changed. Now, the failure and success fields are required. The values can be an empty array or an array of UUIDs of NGINX instances; null is not a valid value.

    Endpoint: /systems/instances/deployments/{deploymentUid}

    Example JSON Response:

    {
    "createTime": "2022-04-18T23:09:16Z",
    "details": {
    "failure": [ ],
    "success": [
    {
      "name": "27de7cb8-f7d6-3639-b2a5-b7f48883aee1"
    }
    ]
    },
    "id": "07c6101e-27c9-4dbb-b934-b5ed75e389e0",
    "status": "finalized",
    "updateTime": "2022-04-18T23:09:16Z"
    }
    

Resolved Issues

This release fixes the following issues:

See Also:
To view the history for an issue, see the Known Issues list.

  • Unable to register multiple NGINX Agents in containers on the same host (30780)
  • Include cycles in the configuration cause analyzer to spin. (31025)
  • System reports “error granting scope: forbidden” if user granting permissions belongs to more than one role (31215)
  • When using Instance Groups, tag-based access controls are not enforced (31267)
  • Bad Gateway (502) errors with Red Hat 7 (31277)

2.0.1 Patch Release

January 27, 2022

Resolved Issues

This release fixes the following issues:

See Also:
To view the history for an issue, see the Known Issues list.

  • Unable to access the Instance Manager web interface after loading SELinux policy (31583)
  • The nms-dpm service restarts when registering multiple NGINX Agents with the same identity (31612)

2.0.0

December 21, 2021

What’s New

This release includes the following new features and enhancements:

  • New architecture!

    We redesigned and improved the architecture of Instance Manager! Because of these changes, upgrading to version 2.0 is different. Make sure to read the Migration Guide for instructions.

  • Improved user access control

    Instance Manager 2.x. allows you to create user access controls with tags. Administrators can grant users read or write access to perform instance management tasks. And admins can grant or restrict access to the Settings options, such as managing licenses and creating users and roles. See the Set up Authentication guide for more details.

  • More metrics and instance dashboards

    Instance Manager now collects additional metrics from the NGINX instances. We also added pre-configured dashboards to the web interface for each NGINX instance managed by Instance Manager. See the Catalog Reference documentation for a complete list of metrics.

  • (Experimental) Share a configuration across multiple instances

    With a feature called Instance Groups, you can share the same configuration across multiple instances. So, if your website requires a number of instances to support the load, you can publish the same configuration to each instance with ease.