F5 NGINX Automation Examples [Part 1-Deploy F5 NGINX Ingress Controller with App ProtectV5 ]

Introduction:

Welcome to our initial article on F5 NGINX automation use cases, where we aim to provide deeper insights into the strategies and benefits of implementing NGINX solutions. This series uses the NGINX Automation Examples GitHub repo and CI/CD platform to deploy  NGINX solutions based on DevSecOps principles. Our focus will specifically address the integration of  NGINX with Terraform, two powerful tools that enhance application delivery and support infrastructure as code.  Stay tuned for additional use cases that will be presented in the upcoming content!

In this detailed example, we will demonstrate how to deploy an F5 NGINX Ingress Controller with the F5 NGINX App Protect version 5 in the AWS Cloud. We will utilize Terraform to set up an AWS Elastic Kubernetes Service (EKS) cluster that hosts the Arcadia Finance test web application. The  NGINX Ingress Controller will manage this application for Kubernetes and will have security measures provided by the NGINX App Protect version 5. To streamline the deployment process, we will integrate GitHub Actions for continuous integration and continuous deployment (CI/CD) while using an Amazon S3 bucket to manage the state of our Terraform configurations.

Prerequisites:

• F5 NGINX One License
• AWS Account - Due to the assets being created, the free tier will not work
• GitHub Account

Tools

• Cloud Provider: AWS
• Infrastructure as Code: Terraform
• Infrastructure as Code State: S3
• CI/CD: GitHub Action

Architecture Diagram

NGINX Ingress Controller:  This solution provides comprehensive management for API gateways, load balancers, and Kubernetes Ingress Controllers, enhancing security and visibility in hybrid and multicloud environments, particularly at the edge of Kubernetes clusters. Consolidating technology simplifies operations and helps reduce the complexity of using multiple tools.

NGINX App Protect WAF v5:  A lightweight software security solution designed to deliver high performance and low latency. It supports platform-agnostic deployment, making it suitable for modern microservices and container-based applications. This version integrates both NGINX and Web Application Firewall (WAF) components within a single pod, making it particularly well-suited for scalable, cloud-native environments.

Workflow Guides: 

Deploy NGINX Ingress Controller with App ProtectV5 in AWS Cloud :  For detailed, step-by-step instructions on deploying this application in the AWS cloud, please follow this link. It provides a comprehensive guide to help you through the process.

Conclusion

This article outlines deploying a robust security framework using the NGINX Ingress Controller and NGINX App Protect WAF version 5 for a sample web application hosted on AWS EKS. We leveraged the NGINX Automation Examples Repository and integrated it into a CI/CD pipeline for streamlined deployment. Although the provided code and security configurations are foundational and may not cover every possible scenario, they serve as a valuable starting point for implementing NGINX Ingress Controller and NGINX App Protect version 5 in your own cloud environments.