From 6fd3bc5c468524275af4f370634046ae7de9bbb3 Mon Sep 17 00:00:00 2001 From: Daniel Edgar Date: Fri, 23 Jan 2026 08:14:37 -0500 Subject: [PATCH 1/2] fix: NIM - address various typos, grammatical and table data issues --- content/nim/fundamentals/tech-specs.md | 39 ++++++++----------- .../set-up-app-protect-instances.md | 6 +-- .../install-disconnected.md | 12 +++--- 3 files changed, 26 insertions(+), 31 deletions(-) diff --git a/content/nim/fundamentals/tech-specs.md b/content/nim/fundamentals/tech-specs.md index 8481a5467..83d457219 100644 --- a/content/nim/fundamentals/tech-specs.md +++ b/content/nim/fundamentals/tech-specs.md @@ -30,21 +30,17 @@ We recommend using the latest release of NGINX Instance Manager, and provides so We provide technical support for F5 customers who are using the most recent version of NGINX Instance Manager, and any version released within two years of the current release. -NGINX Instance Manager supports the following versions : - - - -| Nginx Instance Manager Version | End of Technical Support | -|----------------------------------|---------------------------------------------------| -| 2.21.x | Nov 07, 2027 | -| 2.20.x | Jun 15, 2027 | -| 2.19.x | Feb 06 10, 2026 | -| 2.18.x | Jul 10, 2026 | -| 2.17.x | Nov 08, 2026 | -| 2.16.x | Apr 16, 2026 | -| 2.15.x | Dec 13, 2025 | - - +NGINX Instance Manager supports the following versions: + +| NGINX Instance Manager Version | End of Technical Support | +|---------------------------------|--------------------------| +| 2.21.x | Nov 07, 2027 | +| 2.20.x | Jun 16, 2027 | +| 2.19.x | Feb 06, 2027 | +| 2.18.x | Nov 08, 2026 | +| 2.17.x | Jul 10, 2026 | +| 2.16.x | Apr 18, 2026 | +| 2.15.x | Dec 12, 2025 | ## Supported NGINX Versions {#nginx-versions} @@ -93,7 +89,6 @@ In Lightweight mode, we tested NGINX Instance Manager with ten managed NGINX ins These figures are guidelines only. They reflect the minimum tested configuration and may cause performance issues depending on your setup. For better performance, consider allocating more system resources. - ### License and usage reporting only {#reporting-sizing} This section applies when you’ve set up NGINX Instance Manager to handle licensing and usage reporting only. In this setup, NGINX instances report license and usage data in an "unmanaged" way. Each instance sends periodic updates to NGINX Instance Manager for counting purposes only. @@ -149,12 +144,12 @@ The table below shows the estimated storage requirements for **NGINX OSS**, base {{}} -| Config Size | Instances | Retention (days) | Estimated Disk Usage (NGINX OSS) | -|-----------------------|-----------|------------------|----------------------------------| +| Config Size | Instances | Retention (days) | Estimated Disk Usage (NGINX OSS) | +|------------------------|-----------|------------------|----------------------------------| | **Generic Large Size** | 10 | 14 | 200 MiB | -| | 50 | 14 | 850 MiB | -| | 100 | 14 | 1.75 GiB | -| | 250 | 14 | 4 GiB | +| | 50 | 14 | 850 MiB | +| | 100 | 14 | 1.75 GiB | +| | 250 | 14 | 4 GiB | {{}} @@ -216,6 +211,6 @@ The NGINX Instance Manager web interface works best on the latest versions of th ## NGINX Agent -#### Data plane requirements +### Data plane requirements - **Supported distributions**: The NGINX Agent can run on most environments. For the supported distributions, see the [NGINX Agent Technical Specs](https://docs.nginx.com/nginx-agent/technical-specifications/) guide. diff --git a/content/nim/security-monitoring/set-up-app-protect-instances.md b/content/nim/security-monitoring/set-up-app-protect-instances.md index 311a4630e..4b3cd4180 100644 --- a/content/nim/security-monitoring/set-up-app-protect-instances.md +++ b/content/nim/security-monitoring/set-up-app-protect-instances.md @@ -176,7 +176,7 @@ Repeat the steps below on each F5 WAF for NGINX data plane instance. app_protect_security_log "/etc/app_protect/conf/log_sm.json" syslog:server=127.0.0.1:514; ``` - {{< call-out "important" >}}The `syslog:server=:` must match the `syslog_ip` and `syslog_port` values specified in the [NGINX Agent configuration file](#agent-config). The dashboards won't display any data if these settings don't match. Also, the networking changes for F5 WAF for NGINX Version 5 preclude the use of `127.0.0.1` as a syslog server address. For Version 5, the address of the `docker0` interface (typically `192.0.10.1`) or the IP address of the data plane host can be used for the syslog server address.{{< /call-out >}} + {{< call-out "important" >}}The `syslog:server=:` must match the `syslog_ip` and `syslog_port` values specified in the [NGINX Agent configuration file](#install-nginx-agent). The dashboards won't display any data if these settings don't match. Also, the networking changes for F5 WAF for NGINX Version 5 preclude the use of `127.0.0.1` as a syslog server address. For Version 5, the address of the `docker0` interface (typically `192.0.10.1`) or the IP address of the data plane host can be used for the syslog server address.{{< /call-out >}} 1. Restart NGINX Agent and the NGINX web server. @@ -207,7 +207,7 @@ Take the steps below to update your F5 WAF for NGINX configurations by using Ins - Add the `app_protect_policy_file` directive with a reference to a security policy. - The policy reference must use the `.tgz` file extension when using Instance Manager to perform precompiled publication of F5 WAF for NGINX policies and log profiles. The file path referenced must exist on the NGINX Instance Manager host, but it's ok if the policy file doesn't exist yet. If your Instance is not configured for precompiled publication, then use the `.json` file extension for polcies and log profiles. In this case, the file path referenced in the NGINX configuration must reside on the Instance. + The policy reference must use the `.tgz` file extension when using Instance Manager to perform precompiled publication of F5 WAF for NGINX policies and log profiles. The file path referenced must exist on the NGINX Instance Manager host, but it's ok if the policy file doesn't exist yet. If your Instance is not configured for precompiled publication, then use the `.json` file extension for policies and log profiles. In this case, the file path referenced in the NGINX configuration must reside on the Instance. If you are using custom security policies, at this stage, it's fine to use the default security policy shown in the example above. After completing the steps in this guide, refer to the instructions in [Set Up F5 WAF for NGINX Configuration Management]({{< ref "/nim/waf-integration/configuration/manage-waf-configurations" >}}) to add your custom security policy files to NGINX Instance Manager and update your NGINX configuration. @@ -217,7 +217,7 @@ Take the steps below to update your F5 WAF for NGINX configurations by using Ins If the `app_protect_security_log_enable` setting is already present, just add the `app_protect_security_log` beneath it in the same context. - {{< call-out "important" >}}The `syslog:server=:` must match the `syslog_ip` and `syslog_port` values specified in the [NGINX Agent configuration file](#agent-config). The Security Monitoring dashboards won't display any data if these settings don't match. Also, the networking changes for F5 WAF for NGINX Version 5 preclude the use of `127.0.0.1` as a syslog server address. For Version 5, the address of the `docker0` interface (typically `192.0.10.1`) or the IP address of the data plane host can be used for the syslog server address.{{< /call-out >}} + {{< call-out "important" >}}The `syslog:server=:` must match the `syslog_ip` and `syslog_port` values specified in the [NGINX Agent configuration file](#install-nginx-agent). The Security Monitoring dashboards won't display any data if these settings don't match. Also, the networking changes for F5 WAF for NGINX Version 5 preclude the use of `127.0.0.1` as a syslog server address. For Version 5, the address of the `docker0` interface (typically `192.0.10.1`) or the IP address of the data plane host can be used for the syslog server address.{{< /call-out >}} 1. Select **Publish** to immediately push the configuration file updates out to your NGINX instance or instance group. diff --git a/content/nim/waf-integration/configuration/install-waf-compiler/install-disconnected.md b/content/nim/waf-integration/configuration/install-waf-compiler/install-disconnected.md index 8056f55a9..fdc38b153 100644 --- a/content/nim/waf-integration/configuration/install-waf-compiler/install-disconnected.md +++ b/content/nim/waf-integration/configuration/install-waf-compiler/install-disconnected.md @@ -9,7 +9,7 @@ nd-product: NIMNGR You can install the WAF compiler on a system without internet access by creating the package on a connected system, then transferring and installing it offline. -- **Step 1:** Generate the WAF compiler package on a system with internet access. +- **Step 1:** Generate the WAF compiler package on a system with internet access. - **Step 2:** Move the generated package to the offline target system and install it. ## Before you begin @@ -211,7 +211,7 @@ Earlier releases used 4.x.x for VM packages (for example, NAP 4.15.0, NAP 4.16.0 **On a system with internet access:** -Build the following Dockerfile by updating the base image version and target compiler version as per your requirement. Here , in this example, we've used NIM version as latest 2.21.0 ( Which comes with WAF compiler v5.527.0) and additional WAF compiler to be installed as v5.550.0. +Build the following Dockerfile by updating the base image version and target compiler version as per your requirement. In this example, we've used NIM version 2.21.0, which ships with WAF compiler v5.527.0 installed. In this procedure, an additional WAF compiler version will be installed: v5.550.0. ```shell FROM private-registry.nginx.com/nms/integrations:2.21.0 @@ -245,15 +245,15 @@ Build the compiler docker build --no-cache --platform linux/amd64 --secret id=nginx-crt,src=/path/to/nginx-repo.crt,type=file --secret id=nginx-key,src=/path/to/nginx-repo.key,type=file -t integrations:waf-compiler-extended . ``` -Move the yielded docker image to the target offline system. +Move the resulting Docker image to the target offline system. **On the offline target system:** -Host the docker image on either local or remote registry. -Edit the kubernetes deployment w.r.t integrations to reference to the new docker image hosted. +Host the Docker image on either a local or remote registry that your Kubernetes cluster has access to. +Edit the `integrations` Kubernetes deployment resource to reference to the new Docker image hosted in your registry. ```shell kubectl edit deploy -n integrations ``` -Once the pod comes up with the latest image, system should be up with both the compiler installed and should be able to compile policies on datapath's having either versions of WAF. +Once the `integrations` deployment's pod initializes with the latest image, NIM will have both compilers installed and will be able to compile policies on NGINX instances containing either version of F5 WAF for NGINX. From d7432ea7d80e474e78cec3369c276cc486b7209e Mon Sep 17 00:00:00 2001 From: Daniel Edgar Date: Fri, 23 Jan 2026 08:22:45 -0500 Subject: [PATCH 2/2] adjust phrasing --- .../configuration/install-waf-compiler/install-disconnected.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/nim/waf-integration/configuration/install-waf-compiler/install-disconnected.md b/content/nim/waf-integration/configuration/install-waf-compiler/install-disconnected.md index fdc38b153..51941bb6d 100644 --- a/content/nim/waf-integration/configuration/install-waf-compiler/install-disconnected.md +++ b/content/nim/waf-integration/configuration/install-waf-compiler/install-disconnected.md @@ -211,7 +211,7 @@ Earlier releases used 4.x.x for VM packages (for example, NAP 4.15.0, NAP 4.16.0 **On a system with internet access:** -Build the following Dockerfile by updating the base image version and target compiler version as per your requirement. In this example, we've used NIM version 2.21.0, which ships with WAF compiler v5.527.0 installed. In this procedure, an additional WAF compiler version will be installed: v5.550.0. +Build the following Dockerfile by updating the base image version and target compiler version as per your requirement. In this example, we've used NIM version 2.21.0, which includes WAF compiler v5.527.0. In this procedure, an additional WAF compiler version will be installed: v5.550.0. ```shell FROM private-registry.nginx.com/nms/integrations:2.21.0