Learn about NGINXaaS' architecture.
- Azure management tools (API, CLI, portal, terraform) work with NGINXaaS to create, update, and delete deployments
- Each NGINXaaS deployment has dedicated network and compute resources. There is no possibility of noisy neighbor problems or data leakage between deployments
NGINXaaS uses the following redundancy features to keep your service available.
- We run at least two NGINX Plus instances for each deployment in an active-active pattern
- NGINX Plus is constantly monitored for health. Any unhealthy instances are replaced with new ones.
- We use Azure Availability Zones to protect your deployment from local failures within an Azure region. We balance NGINX instances across the possible availability zones in supported regions
If you are creating a public IP for your deployment, be sure to make them zone redundant to get the best uptime.
Data plane traffic
NGINXaaS uses new Azure networking capabilities to keep end-user traffic private. Each NGINX Plus instance passes traffic to downstream services via an elastic network card (NIC) that exists inside your subscription. These NICs are injected into a delegated virtual network. A network security group controls traffic to your NGINX Plus instances.
NGINX Plus instances are automatically upgraded to receive security patches and the latest stable NGINX Plus version.
- To configure the service, see Management