Deployment issues for new customers

Currently, all new-customer deployments are non-functional. Existing customers deploying into a new region are also affected. See Known Issues for updates.

Frequently Asked Questions

Common questions about NGINX as a Service for Azure.

Will my deployment autodetect a new version of my TLS certificate and apply it?

  • Not currently. This enhancement is coming in a future release.

Can my deployment listen on ports other than TCP 80 and 443?

  • Not currently. This enhancement is coming soon.

Can I reference my upstream servers by internal DNS hostname?

  • Yes. If your DNS nameservers are configured in the same VNet used by your deployment, then you can use those DNS nameservers to resolve the hostname of the upstream servers referenced in your NGINX configuration.

How can I review the NGINX access and error logs?

  • This capability is not currently available. This enhancement is coming soon.

Why do the metrics show more connections and requests than I was expecting?

  • The agent gathers stats via an internal HTTP request incrementing the request count. The Azure service health probe checks for status via a TCP connection on port 80/443 incrementing the connection count. This contributes to minimal traffic and should not affect any of these metrics greatly.

What are the specific permissions NGINXaaS for Azure needs?

  • The specific permissions required to deploy NGINXaaS are:

    • microsoft.network/publicIPAddresses/join/action

    • nginx.nginxplus/nginxDeployments/Write

    • microsoft.network/virtualNetworks/subnets/join/action

    • nginx.nginxplus/nginxDeployments/configurations/Write

    • nginx.nginxplus/nginxDeployments/certificates/Write

  • Additionally, if you are creating the Virtual Network or IP address resources that NGINXaaS for Azure will be using, then you probably also want those permissions as well.

  • Note that assigning the managed identity permissions normally requires “Owner” role.

Why are min and max aggregation types reporting zero in Azure Monitor?

  • NGINXaaS for Azure does not currently report on the min and max of the NGINX metrics. In this case, the service will simply report a value of zero when either of these aggregation types is selected in Azure Monitor.

Can I use an existing subnet to create my deployment?

  • You can use an existing subnet to create a deployment. Please make sure that the subnet is delegated to NGINX.NGINXPLUS/nginxDeployments before creating a deployment in it. To delegate a subnet to an Azure service, see Delegate a subnet to an Azure service.