You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: content/nginxaas-google/overview/overview.md
+7-8Lines changed: 7 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -37,13 +37,12 @@ The key capabilities of NGINXaaS for Google Cloud are:
37
37
38
38
{{< img src="nginxaas-google/nginxaas-google-cloud-architecture.png" alt="Architecture diagram of NGINXaaS for Google Cloud showing user traffic through load balancers to applications, with control plane management via the NGINXaaS Console, GCP Marketplace, and Identity Provider, plus logging, monitoring, and secret management." >}}
39
39
40
-
At the top, administrators connect to the NGINXaaS Console, which connects to the GCP Marketplace and an SSO Identity Provider. The GCP Marketplace manages accounts and entitlements, and the Identity Provider integrates with the NGINXaaS Console.
41
-
42
-
The NGINXaaS Console (part of the NGINX One platform) sits in an NGINXaaS Geographic Area Controller (for example, US, CA, EU) and handles control plane/management functions. It communicates with GCP Provisioning APIs and pushes configuration updates to the NGINX Data Plane VPC.
43
-
44
-
Inside the NGINX Data Plane VPC, a GCP Load Balancer (L4 Passthrough LB) connects to the NGINX instance, which is integrated with an NGINX Agent and optional NAP (App Protect) Enforcer. Application users connect through Public or Private Endpoints via a Proxy Load Balancer and Network Endpoint Group to upstream applications.
45
-
46
-
Logs and metrics flow to GCP Cloud Logging and Cloud Monitoring, while secrets and certificates are managed by GCP Secret Manager.
40
+
- The NGINXaaS Console is used to create, update, and delete NGINX configurations, certificates and NGINXaaS deployments
41
+
- Each NGINXaaS deployment has dedicated network and compute resources. There is no possibility of noisy neighbor problems or data leakage between deployments
42
+
- NGINXaaS can route traffic to upstreams even if the upstream servers are located in different geographies. See [Known Issues]({{< ref "/nginxaas-google/known-issues.md" >}}) for any networking restrictions.
43
+
- NGINXaaS supports request tracing. See the [Application Performance Management with NGINX Variables](https://www.f5.com/company/blog/nginx/application-tracing-nginx-plus) blog to learn more about tracing.
44
+
- Supports HTTP to HTTPS, HTTPS to HTTP, and HTTP to HTTP redirects. NGINXaaS also provides the ability to create new rules for redirecting. See [How to Create NGINX Rewrite Rules | NGINX](https://blog.nginx.org/blog/creating-nginx-rewrite-rules) for more details.
45
+
- Google Cloud's Private Service Connect (PSC) enables clients within your Virtual Private Cloud (VPC) to access your NGINXaaS deployments. PSC also provides NGINXaaS a secure and private way to connect to your upstream applications. Known networking limitations can be found in the [Known Issues]({{< ref "/nginxaas-google/known-issues.md" >}}).
47
46
48
47
### Geographical Controllers
49
48
@@ -59,7 +58,7 @@ With the Enterprise Plan, NGINXaaS uses the following redundancy features to kee
59
58
60
59
- We run _at least_ two NGINX Plus instances for each deployment in an active-active pattern
61
60
- NGINX Plus is constantly monitored for health. Any unhealthy instances are replaced with new ones
62
-
-<<If Google Cloud has any redundancy features, we will mention them here>> TBD
61
+
-NGINXaaS deployments utilize multiple [zones within each region](https://cloud.google.com/compute/docs/regions-zones) protecting against zonal failures
0 commit comments