Release Notes

These release notes list and describe the new features, enhancements, and resolved issues in NGINX Management Suite Instance Manager.

2.9.0

March 21, 2023

Upgrade Paths

Instance Manager 2.9.0 supports upgrades from these previous versions:

  • 2.6.0–2.8.0

If your Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:
Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

What’s New

This release includes the following updates:

  • New webpages for viewing Attack Signature and Threat Campaigns

    The Instance Manager web interface now allows you to view Attack Signatures and Threat Campaign packages published to instances and instance groups. You can also publish these packages using the precompiled publication mode.

  • NGINX Agent supports Rocky Linux 8 and 9

    The NGINX Agent now supports Rocky Linux 8 (x86_64, aarch64) and 9 (x86_64, aarch64). The NGINX Agent supports the same distributions as NGINX Plus. For a list of the supported distributions, refer to the NGINX Plus Technical Specs guide.

  • New Events for CUD actions

    Events will be triggered for CREATE, UPDATE, and DELETE actions on Templates, Instances, Certificates, Instance Groups, and Licenses.

  • The Certificate and Keys webpage has a new look!

    Our new and improved Certificates and Keys webpage makes it easier than ever to efficiently manage your TLS certificates.

  • Add commit hash details to NGINX configurations for version control

    Use the Instance Manager REST API to add a commit hash to NGINX configurations if you use version control, such as Git.

    For more information, see the following topics:

Security Update

Important:
For the protection of our customers, NGINX doesn’t disclose security issues until an investigation has occurred and a fix is available.

This release includes the following security update:

  • Instance Manager vulnerability CVE-2023-1550

    NGINX Agent inserts sensitive information into a log file (CVE-2023-1550). An authenticated attacker with local access to read NGINX Agent log files may gain access to private keys. This issue is exposed only when the non-default trace-level logging is enabled.

    NGINX Agent is included with NGINX Instance Manager, and used in conjunction with API Connectivity Manager and the Security Monitoring module.

    This issue has been classified as CWE-532: Insertion of Sensitive Information into Log File.

    Mitigation

    • Avoid configuring trace-level logging in the NGINX Agent configuration file. For more information, refer to the Configuring the NGINX Agent section of NGINX Management Suite documentation. If trace-level logging is required, ensure only trusted users have access to the log files.

    Fixed in

    • NGINX Agent 2.23.3
    • Instance Manager 2.9.0

    For more information, refer to the MyF5 article K000133135.

Changes in Default Behavior

Instance Manager 2.9.0 has the following changes in default behavior:

  • SSL Certificates can be associated with Instance Groups

    When assigning SSL certificates for the NGINX data plane, you have the option of associating them with a single instance or with an instance group. When associated with an instance group, the certificates will be shared across all instances in the group.

Resolved Issues

This release fixes the following issues. Select an issue’s ID link to view its details.

  • After upgrading to NGINX Instance Manager 2.1.0, the web interface reports timeouts when NGINX Agent configs are published (32349)

  • The Type text on the Instances overview page may be partially covered by the Hostname text (39760)

  • Scan does not update an unmanaged instance to managed (37544)

  • To publish security policies with Instance Manager, set the “precompiled_publication” parameter to “true” in the nginx-agent.conf file (39614)

  • App Protect: “Assign Policy and Signature Versions” webpage may not initially display newly added policies (40085)

  • Upgrading NGINX Management Suite may remove the OIDC configuration for the platform (41328)

Known Issues

  • You can find information about known issues with Instance Manager in the Known Issues topic.

Support for NGINX App Protect WAF

Instance Manager supports the following versions of NGINX App Protect WAF:

Instance Manager NGINX App Protect WAF
2.9.0 Release 3.12.2–4.2.0
2.8.0 Release 3.12.2–4.1.0
2.7.0 Release 3.12.2–4.0.0
2.6.0 Release 3.12.2

Open Source Licenses

The following open-source software is used by Instance Manager:

Additionally, you can find the list of open-source packages and their licenses in /etc/nms/license-nms.md after installing Instance Manager.

2.8.0

January 30, 2023

Upgrade Paths

Instance Manager 2.8.0 supports upgrades from these previous versions:

  • 2.5.0–2.7.0

If your Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:

Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

If you’re running Instance Manager 1.0 or earlier, follow the steps in the Migration Guide to migrate your system to Instance Manager 2.0. Direct upgrades from Instance Manager 1.0 and earlier are not supported.

What’s New

This release includes the following new features and updates:

  • Enhanced details page for SSL Certificates

    The Instance Manager web interface now features an improved details page for SSL Certificates. This page provides important information about the certificate and any associated instances.

  • Automatic retrieval of Attack Signatures and Threat Campaign updates to Instance Manager

    Instance Manager now allows you to set up automatic downloads of the most recent Attack Signature and Threat Campaign packages. By publishing these updates to your App Protect instances from Instance Manager, you can ensure your applications are shielded from all recognized attack types.

  • Improved WAF Compiler error messages

    The messaging around security policy compilation errors has been improved by providing more detailed information and alerting users if the required compiler version is missing.

Changes in Default Behavior

Instance Manager 2.8.0 has the following changes in default behavior:

  • Switching between storing secrets on disk and using Vault migrates secrets

    When transitioning between storing secrets on disk or using HashiCorp Vault, any existing secrets can be easily migrated to the new storage method. For instructions, refer to the guide Configure Vault for Storing Secrets.

  • Create roles using either an object name or UID

    You can now use either an object name or a unique identifier (UID) when assigning object-level permissions while creating or editing a role via the Instance Manager REST API.

  • Upgrading from 2.7 or earlier, you must re-enable precompiled_publication to continue publishing security policies with Instance Manager

    To continue publishing security policies with Instance Manager if you’re upgrading from Instance Manager 2.7 and earlier, you must set the precompiled_publication parameter to true in the nginx-agent.conf file.

    In Instance Manager 2.7 and earlier, the pre-compiled_publication setting was set to true by default. However, starting with Instance Manager 2.8, this setting is set to false by default. This means you’ll need to change this setting to true again when upgrading from earlier versions.

    To publish App Protect policies from Instance Manager, add the following to your nginx-agent.conf file:

      nginx_app_protect: 
     precompiled_publication: true

Resolved Issues

This release fixes the following issues. To view the history for an issue, see the Known Issues list.

  • Web interface reports no license found when a license is present (30647)

  • Associating instances with expired certificates causes internal error (34182)

  • Publishing to an Instance/instance-group will fail when the configuration references a JSON policy or a JSON log profile (38357)

  • Missing dimension data for Advanced Metrics with modules (38634)

  • Large payloads can result in disk I/O error for database operations (38827)

  • The Policy API endpoint only allows NGINX App Protect policy upsert with content length up to 3.14MB. (38839)

  • Deploy NGINX App Protect policy is listed as “Not Deployed” on the Policy Version detail page (38876)

  • NGINX Management Suite services may lose connection to ClickHouse in a Kubernetes deployment (39285)

  • NGINX App Protect status may not be displayed after publishing a configuration with a security policy and certificate reference (39382)

  • Security Policy Snippet selector adds incorrect path reference for policy directive (39492)

  • The API Connectivity Manager module won’t load if the Security Monitoring module is enabled (39943)

Known Issues

  • You can find information about known issues with Instance Manager in the Known Issues topic.

Support for NGINX App Protect WAF

Instance Manager supports the following versions of NGINX App Protect WAF:

Instance Manager NGINX App Protect WAF
2.9.0 Release 3.12.2–4.2.0
2.8.0 Release 3.12.2–4.1.0
2.7.0 Release 3.12.2–4.0.0
2.6.0 Release 3.12.2

2.7.0

December 20, 2022

Upgrade Paths

Instance Manager 2.7.0 supports upgrades from the following versions:

  • 2.4.0–2.6.0

If you are using an older version of Instance Manager, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:
Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

What’s New

This release includes stability and performance improvements.

Changes in Default Behavior

Instance Manager 2.7.0 has the following changes in default behavior:

  • NGINX App Protect upgrades are supported

    You can upgrade NGINX App Protect WAF on managed instances where Instance Manager publishes NGINX App Protect policies and configurations. For example, upgrade from App Protect release 3.12.2 to release 4.0.

  • NGINX Management Suite Config file is now in YAML format

    With the release of NGINX Instance Manager 2.7, the NGINX Management Suite configuration file is now in YAML format. Through the upgrade process, your existing configuration will automatically be updated. Any settings you have customized will be maintained in the new format. If you have existing automation tooling for the deployment of the NGINX Management Suite that makes changes to the configuration file, you will need to update it to account for the change.

  • Existing NGINX Agent configuration kept during upgrade to the latest version

    When upgrading NGINX Agent, the existing NGINX Agent configuration is maintained during the upgrade. If the Agent configuration is not present in /etc/nginx-agent/nginx-agent.conf, a default configuration is provided after NGINX Agent installation.

Resolved Issues

This release fixes the following issues:

  • Instance Manager returns a “Download failed” error when editing an NGINX config for instances compiled and installed from source (35851)

  • Null data count is not correctly represented in the NGINX Plus usage graph. (38206)

  • When upgrading Instance Manager from v2.4 to later versions of Instance Manager, certificate associations are no longer visible. (38641)

  • NGINX App Protect policy deployment status not reflecting removal of associated instance. (38700)

  • When upgrading a multi-node NMS deployment with helm charts the ingestion pod may report a “Mismatched migration version” error (38880)

  • After a version upgrade of NGINX Instance Manager, NMS Data Plane Manager crashes if you publish NGINX configuration with App Protect enablement directive (app_protect_enable) set to ON (38904)

Known Issues

  • To view the known issues in this release, see the Known Issues topic.

Support for NGINX App Protect WAF

Instance Manager supports the following versions of NGINX App Protect WAF:

Instance Manager NGINX App Protect WAF
2.9.0 Release 3.12.2–4.2.0
2.8.0 Release 3.12.2–4.1.0
2.7.0 Release 3.12.2–4.0.0
2.6.0 Release 3.12.2

2.6.0

November 17, 2022

Upgrade Paths

Instance Manager 2.6.0 supports upgrades from the following versions:

  • 2.3.0–2.5.1

If you are using an older version of Instance Manager, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:
Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

What’s New

This release includes the following updates:

  • Manage and deploy configurations to NGINX App Protect WAF Instances

    This release introduces the following features to manage and deploy configurations to NGINX App Protect instances:

    • Create, upsert, and delete NGINX App Protect WAF security policies
    • Manage NGINX App Protect WAF security configurations by using the NGINX Management Suite user interface or REST API
    • Update Signatures and Threat Campaign packages
    • Compile security configurations into a binary bundle that can be consumed by NGINX App Protect WAF instances
    See Also:
    See the Support for NGINX App Protect WAF section for compatibility requirements.

  • Download metrics module package from NGINX Management Suite

    The metrics module can now be downloaded from the NGINX Management Suite directly. It provides additional metrics dimensions.

  • Adds support for RHEL 9

    Instance Manager 2.6 supports RHEL 9. See the Technical Specifications Guide for details.

  • Support for using HashiCorp Vault for storing secrets

    NGINX Management Suite now supports the use of HashiCorp Vault to store secrets such as SSL Certificates and Keys. Use of a new or existing Vault deployment is supported.

  • Graph and additional data are included in NGINX Plus usage tracking UI

    On the NGINX Plus usage tracking page, the number of NGINX Plus instances used over time is available in a graph. You can also view the minimum, maximum, and average count of concurrent unique instances in a given time period.

  • Adds support for Oracle 8

    Oracle 8 is now a supported distribution starting with Instance Manager 2.6. You can use the RedHat/CentOS distro to install the Oracle 8 package.

Changes in Default Behavior

Instance Manager 2.6.0 has the following changes in default behavior:

  • GET /roles and /roles/{roleName} API responses now include user and group associations

    The GET Roles API response includes any users or groups associated with a role.

Resolved Issues

This release fixes the following issues:

  • Password error “option unknown” occurs when installing NGINX Instance Manager on Ubuntu with OpenSSL v1.1.0 (33055)

  • Instance Manager reports the NGINX App Protect WAF build number as the version (37510)

Known Issues

  • To view the known issues in this release, see the Known Issues topic.

Support for NGINX App Protect WAF

Instance Manager supports the following versions of NGINX App Protect WAF:

Instance Manager NGINX App Protect WAF
2.9.0 Release 3.12.2–4.2.0
2.8.0 Release 3.12.2–4.1.0
2.7.0 Release 3.12.2–4.0.0
2.6.0 Release 3.12.2
Important:
Instance Manager 2.6.0 does not support upgrading NGINX App Protect WAF on managed instances to which Instance Manager publishes App Protect policies and configurations.

2.5.1

October 11, 2022

Upgrade Paths

Instance Manager 2.5.1 supports direct upgrades from the following versions:

  • 2.3.0–2.5.0

If your Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:

Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

If you’re running Instance Manager 1.x or earlier, follow the steps in the Migration Guide to migrate your system to Instance Manager 2.x. Direct upgrades from Instance Manager 1.x and earlier are not supported.

Resolved Issues

This release fixes the following issues:

See Also:
To view the history for an issue, see the Known Issues list.

  • Extended NGINX metrics aren’t reported for NGINX Plus R26 and earlier (37738)

2.5.0

October 4, 2022

Upgrade Paths

Instance Manager 2.5.0 supports direct upgrades from the following versions:

  • 2.2.0–2.4.0

If your Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:

Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

If you’re running Instance Manager 1.x or earlier, follow the steps in the Migration Guide to migrate your system to Instance Manager 2.x. Direct upgrades from Instance Manager 1.x and earlier are not supported.

What’s New

This release includes the following updates:

  • Track NGINX Plus usage over time

    When viewing your NGINX Plus instances in the Instance Manager web interface, you can set a date and time filter to review the NGINX Plus instance count for a specific period. Also, you can use the Instance Manager REST API to view the lowest, highest, and average number of NGINX Plus instances over time.

  • New helm charts for each release of Instance Manager

    Each release of Instance Manager now includes a Helm chart, which you can use to easily install Instance Manager on Kubernetes. You can download the helm charts from MyF5.

Resolved Issues

This release fixes the following issues:

See Also:
To view the history for an issue, see the Known Issues list.

  • OIDC is not supported for helm chart deployments (33248)

  • Installing NGINX Agent on Ubuntu 22.04 LTS fails with 404 Not Found error (35339)

  • Managed certificates may be overwritten if they have the same name on different datapath certificates (36240)

  • Scan overview page doesn’t scroll to show the full list of instances (36514)

2.4.0

August 16, 2022

Upgrade Paths

Instance Manager 2.4.0 supports direct upgrades from the following versions:

  • 2.1.0–2.3.1

If your Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:

Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

If you’re running Instance Manager 1.x or earlier, follow the steps in the Migration Guide to migrate your system to Instance Manager 2.x. Direct upgrades from Instance Manager 1.x and earlier are not supported.

What’s New

This release includes the following updates:

  • Get notified about critical events

    Instance Manager 2.4 adds a notifications panel to the web interface. After logging in to NGINX Management Suite, select the notification bell at the top of the page to view critical system events (WARNING or ERROR level events). Future releases will support additional notification options.

  • See which of your NGINX Plus instances have NGINX App Protect installed

    Now, when you view your NGINX Plus inventory, you can see which instances have NGINX App Protect installed. NGINX App Protect is a modern app‑security solution that works seamlessly in DevOps environments as a robust WAF or app‑level DoS defense, helping you deliver secure apps from code to customer.

Changes in Default Behavior

Instance Manager 2.4.0 has the following changes in default behavior:

  • You no longer need to associate a certificate with an instance using the web interface

    NGINX Management Suite will automatically deploy a certificate to an NGINX instance if the instance’s config references the certificate on the NMS platform.

  • Adds nms-integrations service

    This release adds a new service called nms-integerations. This service is for future integrations; no user management or configuration is needed at this time.

Resolved Issues

This release fixes the following issues. To view the history for an issue, see the Known Issues list.

  • Unable to publish config changes to a custom nginx.conf location (35276)

2.3.1

July 21, 2022

Upgrade Paths

Instance Manager 2.3.1 supports direct upgrades from the following versions:

  • 2.0.0–2.3.0

If your Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:

Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

If you’re running Instance Manager 1.x or earlier, follow the steps in the Migration Guide to migrate your system to Instance Manager 2.x. Direct upgrades from Instance Manager 1.x and earlier are not supported.

Security Update

Important:
For the protection of our customers, NGINX doesn’t disclose security issues until an investigation has occurred and a fix is available.

This release includes the following security update(s):

  • Instance Manager vulnerability CVE-2022-35241

    In versions of 2.x before 2.3.1 and all versions of 1.x, when Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization.

    This issue has been classified as CWE-400: Uncontrolled Resource Consumption.

    For more information, refer to the AskF5 article K37080719.

2.3.0

June 30, 2022

Upgrade Paths

Instance Manager 2.3.0 supports direct upgrades from the following versions:

  • 2.0.0–2.2.0

If your Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:

Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

If you’re running Instance Manager 1.x or earlier, follow the steps in the Migration Guide to migrate your system to Instance Manager 2.x. Direct upgrades from Instance Manager 1.x and earlier are not supported.

What’s New

This release includes the following updates:

  • View a summary of your instances' most important metrics for the last 24 hours

    This release adds a Metrics Summary page, from which you can view key system, network, HTTP request, and connection metrics at a glance for the last 24 hours.

    After logging in to Instance Manager, select an instance on the Instances Overview page, then select the Metrics Summary tab.

  • Track the details for your NGINX Plus instances

    Easily track your NGINX Plus instances from the new NGINX Plus inventory list page. View the current count for all your NGINX Plus instances, as well as each instance’s hostname, UID, version, and the last time each instance was reported to Instance Manager. Select the Export button to export the list of NGINX Plus instances to a .csv file.

  • Explore events in Instance Manager with the Events Catalogs API

    This release introduces a Catalogs API endpoint specifically for viewing Instance Manager events and corresponding information. You can access the endpoint at /analytics/catalogs/events.

  • Support for provisioning users and user groups with SCIM

    Now, you can use SCIM to provision, update, or deprovision users and user groups for your Identity Provider to Instance Manager. SCIM, short for “System for Cross-domain Identity Management,” is an open API for managing identities.

  • Instance Manager provides information about your NGINX App Protect WAF installations

    You can configure NGINX Agent to report the following NGINX App Protect WAF installation information to NGINX Management Suite:

    • the current version of NGINX App Protect WAF
    • the current status of NGINX App Protect WAF (active or inactive)
    • the Attack Signatures package version
    • the Threat Campaigns package version

  • Adds support for Ubuntu 22.04

    The NGINX Management Suite, which includes Instance Manager, now supports Ubuntu 22.04 (Jammy).

    Refer to the Technical Specifications Guide for details.

Changes in Default Behavior

Instance Manager 2.3.0 has the following changes in default behavior:

  • New login screen

    Sometimes it’s the small things that count. Now, when logging in to Instance Manager, you’re treated to an attractive-looking login screen instead of a bland system prompt. 🤩

Resolved Issues

This release fixes the following issues:

See Also:
To view the history for an issue, see the Known Issues list.

  • Post-install steps to load SELinux policy are in the wrong order (34276)

2.2.0

May 25, 2022

Upgrade Paths

Instance Manager 2.2.0 supports direct upgrades from the following versions:

  • 2.0.0–2.1.0

If your Instance Manager version is older, you may need to upgrade to an intermediate version before upgrading to the target version.

See Also:

Refer to the Upgrade Guide for important information and steps to follow when upgrading Instance Manager and the NGINX Agent.

If you’re running Instance Manager 1.x or earlier, follow the steps in the Migration Guide to migrate your system to Instance Manager 2.x. Direct upgrades from Instance Manager 1.x and earlier are not supported.

What’s New

  • Adds reporting for NGINX worker metrics (API only)

    The NGINX Agent now gathers metrics for NGINX workers. You can access these metrics using the Instance Manager Metrics API.

    The following worker metrics are reported:

    • The count of NGINX workers
    • CPU, IO, and memory usage

  • Modules field added to Metrics and Dimensions catalogs

    A modules field was added to the Metics and Dimensions catalogs. This field indicates which module or modules the metric or dimension belongs to.

  • New events for NGINX processes and configuration rollbacks

    Now, you can use the Instance Manager Events API or web interface to view events when NGINX instances start and reload or when a configuration is rolled back.

  • Role-based access control added to Events and Metrics pages

    A warning message is shown when users try to view the Events and Metrics pages in the web interface if they don’t have permission to access the Analytics feature. For instructions on assigning access to features using role-based access control (RBAC), see Set Up RBAC.

  • Filter events and metrics with custom time ranges

    Now you can filter events and metrics using a custom date and time range. Select Custom time range in the filter list, then specify the date and time range you want to use.

Changes in Default Behavior

Instance Manager 2.2.0 has the following changes in default behavior:

  • Viewing events requires a valid license

    A valid license is needed to view events using the Instance Manager REST API or web interface. See Add a License for instructions on how to get and add a license.

Resolved Issues

This release fixes the following issues:

See Also:
To view the history for an issue, see the Known Issues list.

  • Filter events and metrics with custom date and time ranges (32796)

  • Role-based access control added to Events and Metrics pages (33362)

  • Running Agent install script with sh returns “not found” error (33385)

  • The DeploymentDetails API now requires values for failure and success (33560)

2.1.0

April 5, 2022

Upgrade Paths

Instance Manager 2.1.0 supports direct upgrades from the following versions:

  • 2.0.0–2.0.1
See Also:

See the Upgrade Guide for important information and steps that you must review and follow when upgrading Instance Manager and the NGINX Agent.

If you’re running Instance Manager 1.x or earlier, follow the steps in the Migration Guide to migrate your system to Instance Manager 2.x. Direct upgrades from Instance Manager 1.x and earlier are not supported.

What’s New

This release includes the following new features and enhancements:

  • Adds Docker support for NGINX Agent

    Now you can collect metrics about the Docker containers that the NGINX Agent is running in. The NGINX Agent uses the available cgroup files to calculate metrics like CPU and memory usage.

    If you have multiple Docker containers on your data plane host, each container registers with Instance Manager as unique.

    Refer to the NGINX Agent Docker Support guide for details.

    Note:
    Containerizing the NGINX Agent is supported only with Docker at the moment. Look for additional container support in future releases of Instance Manager.

  • New RBAC lets you limit access to Instance Manager features

    RBAC has been updated and improved. Add users to roles – or add users to user groups if you’re using an external identity provider – to limit access to Instance Manager features.

    For more information, see the tutorial Set Up RBAC.

  • Deploy Instance Manager on Kubernetes using a helm chart

    We recommend using the Instance Manager helm chart to install Instance Manager on Kubernetes.

    Among the benefits of deploying from a helm chart, the chart includes the required services, which you can scale independently as needed; upgrades can be done with a single helm command; and there’s no requirement for root privileges.

    For instructions, see Install from a Helm Chart.

  • Improved certificate handling

    Stability and performance improvements for managing certificates using the web interface.

  • View events for your NGINX instances

    Now you can use the Instance Manager API or web interface to view events for your NGINX instances.

    See the View Events and View Events (API) topics for instructions.

  • Redesigned metrics views in the web interface

    The metrics pages in the web interface have been revised and improved.

    See the View Metrics topic to get started.

Changes in Default Behavior

Instance Manager 2.1.0 has the following changes in default behavior:

  • Tags are no longer enforced for RBAC or set when creating or updating a role

    If you’re using tags for RBAC on an earlier version of Instance Manager, you’ll need to re-create your roles after upgrading. Tags assigned to instances for the purpose of RBAC won’t be honored after you upgrade.

    See the What’s New section for details about the new Instance Manager RBAC authorization system.

  • The DeploymentDetails API now requires values for failure and success

    The DeploymentDetails API spec has changed. Now, the failure and success fields are required. The values can be an empty array or an array of UUIDs of NGINX instances; null is not a valid value.

    Endpoint: /systems/instances/deployments/{deploymentUid}

    Example JSON Response:

    {
"createTime": "2022-04-18T23:09:16Z",
"details": {
"failure": [ ],
"success": [
{
  "name": "27de7cb8-f7d6-3639-b2a5-b7f48883aee1"
}
]
},
"id": "07c6101e-27c9-4dbb-b934-b5ed75e389e0",
"status": "finalized",
"updateTime": "2022-04-18T23:09:16Z"
}

Resolved Issues

This release fixes the following issues:

See Also:
To view the history for an issue, see the Known Issues list.

  • Unable to register multiple NGINX Agents in containers on the same host (30780)

  • Include cycles in the configuration cause analyzer to spin. (31025)

  • System reports “error granting scope: forbidden” if user granting permissions belongs to more than one role (31215)

  • When using Instance Groups, tag-based access controls are not enforced (31267)

  • Bad Gateway (502) errors with Red Hat 7 (31277)

  • Improved certificate handling (32457)

2.0.1 Patch Release

January 27, 2022

Resolved Issues

This release fixes the following issues:

See Also:
To view the history for an issue, see the Known Issues list.

  • Unable to access the Instance Manager web interface after loading SELinux policy (31583)
  • The nms-dpm service restarts when registering multiple NGINX Agents with the same identity (31612)

2.0.0

December 21, 2021

What’s New

This release includes the following new features and enhancements:

  • New architecture!

    We redesigned and improved the architecture of Instance Manager! Because of these changes, upgrading to version 2.0 is different. Make sure to read the Migration Guide for instructions.

  • Improved user access control

    Instance Manager 2.x. allows you to create user access controls with tags. Administrators can grant users read or write access to perform instance management tasks. And admins can grant or restrict access to the Settings options, such as managing licenses and creating users and roles. See the Set up Authentication guide for more details.

  • More metrics and instance dashboards

    Instance Manager now collects additional metrics from the NGINX instances. We also added pre-configured dashboards to the web interface for each NGINX instance managed by Instance Manager. See the Catalog Reference documentation for a complete list of metrics.

  • (Experimental) Share a configuration across multiple instances

    With a feature called Instance Groups, you can share the same configuration across multiple instances. So, if your website requires a number of instances to support the load, you can publish the same configuration to each instance with ease.