Public Cloud Simplified with F5 NGINXaaS for Azure

The teams at F5 and Microsoft have partnered to jointly develop a new native offering known as F5 NGINXaaS for Azure. The NGINXaaS offering is a simple and secure way to help you migrate and extend application workloads from on-premises to the Azure public cloud by bringing your configurations. If you are using NGINX today, or planning to use it in the future but are not quite sure where to start, then continue reading to learn more about the following:

 

Overview of F5 NGINXaaS for Azure

F5 NGINXaaS for Azure is built directly into the Azure portal and is tightly integrated with the Azure ecosystem. This means you can utilize Azure security services like Azure Key Vault for bringing your SSL/TLS certificates and keys while using Azure Monitor for NGINX deployment metrics. You can even manage your NGINX configuration with syntax validation…all in one Azure panel. Of course, you can use your preferred method to deploy and manage: the Azure Portal, API or CLI. Talk about ease of use!

Here is a high-level architecture of F5 NGINXaaS for Azure and the related Azure components.

Key capabilities powered by F5 NGINXaaS for Azure:

  • Simplifies onboarding by leveraging NGINX as a service
  • Lowers operational overhead in running and optimizing NGINX
  • Supports migration of existing NGINX configurations to cloud with minimal effort
  • Azure ecosystem integration (Azure Key Vault, Azure Monitor, Azure AD)
  • Addresses wide range of deployment scenarios (HTTP reverse proxy, JWT authentication, etc)
  • Consumption-based pricing

For the complete set of capabilities of this offer, refer to the F5 NGINXaaS for Azure docs.

Problems Solved by F5 NGINXaaS for Azure

F5 NGINXaaS for Azure removes the burden of having to deploy your own NGINX Plus cluster, install libraries, upgrade, and manage it. Whether you are an existing or new NGINX customer, this means speed and simplicity with no IaaS to manage. This ease of use means there is no need for expert knowledge, and this is especially compelling for customers new to NGINX.

If you are an existing NGINX customer, F5 NGINXaaS for Azure gives you the ability to reuse what you already have on-premises. It is powered by NGINX Plus and enables you to easily copy your existing NGINX configuration into Azure cloud. This reduces the learning curve often experienced when customers begin to adopt public cloud to gain better security, availability, resiliency, and manageability.

Keep reading and I will show you just how easy it is! In 3…2…1…go!

Step-by-step Deployment of F5 NGINXaaS for Azure

This section will be my quick walkthrough of a new F5 NGINXaaS for Azure deployment. This is based on the F5 NGINXaaS for Azure “Overview and Quickstart”, so click the link and follow along! I will provide my demo screenshots where it requires additional clarity. Otherwise simply follow the docs link above.

See you in a couple minutes!

Deployment

  1. Search for “NGINXaaS” in marketplace or follow this link
  2. Select F5 NGINXaaS for Azure and choose "Standard" and subscribe
  3. Create an F5 NGINXaaS for Azure deployment in the Azure portal by completing the fields
  4. Choose “new VNet” and follow remainder of NGINX Docs steps to deploy

Validation

The NGINX deployment should take couple minutes to finish. Once complete, review the resources that were created for you.

  1. Select the Azure Resource Group
  2. Review the VNet, public IP, and Network Security Group (NSG)
  3. Click the NGINX Deployment resource to explore setting

Add NGINX Configuration

If you have your own NGINX configuration file, this is the time to use it. If not, you can use the example nginx.conf below.

http {
  server {
    listen 80 default_server;
    location / {
            default_type text/html;
            return 200 '<!DOCTYPE html><h2>Welcome to Azure!</h2>\n';
    }
  }
}
  1. Select the “NGINX Configuration” menu and copy/paste into the code block
  2. Confirm and Submit

Modify NSG Rules

A new NSG is created automatically when choosing the "New VNet" option. Let's create a new rule for port 80 and 443 in order to allow application traffic. This is based on Azure Docs "Create, Change, or Delete a Network Security group".

  1. Go to your Resource Group
  2. Select the NSG object to modify it
  3. Choose "Inbound security rules" and hit "+" Add
  4. Add port 80/TCP and port 443/TCP and hit “Add”

Test Application

At this point, we have a working cluster and demo application. Time to test!

  1. Copy the public IP from the NGINX Deployment
  2. Open a new web browser and test

Congratulations! You now have done a quick install and test of your first F5 NGINXaaS for Azure deployment.

Summary

This article covered the highlights of the new F5 NGINXaaS for Azure offering. I shared an overview of F5 NGINXaaS for Azure, listed the key capabilities of the new service and how that benefits our customers, and reviewed the problems solved. Lastly, I provided a quick walkthrough to put things in perspective how easy this offer is to deploy.

Contact us with any questions or requirements. We would love to hear from you!

Resources

Updated Mar 19, 2024
Version 10.0
  • I can't speak to the technical prowess on display here but Jeff_Giroux_F5 your articles are a thing of beauty; well formatted, easy to read, crisp, clear, clean.
    #ChefsKiss