Liam Crilly

NGINX 和 NGINX Plus 先进的 HTTP 处理能力，使其成为构建 API 网关的理想平台。我们将在本文介绍 API 用例，展示如何配置 NGINX 以高效、可扩展且易于维护的方式处理它们，并提供完整的 NGINX 配置。

我们展示了如何使用 NGINX JavaScript 模块捕获有关导致错误的请求的数据，并提供了足够的详细信息用于调试和故障排除，同时不让日志中充斥着有关未发生错误的请求信息。

我们宣布支持 QUIC 和 HTTP/3 的 NGINX 技术预览版作为预发布软件，可用于互操作性测试，并接受意见反馈和代码贡献了。HTTP/3 使用 QUIC 代替了 TCP, 使其能更可靠地支持多路复用连接。

NGINX Plus R22 introduces new features including support for OCSP to verify certificate revocation for mutual TLS, use of multiple OIDC IdPs in a configuration, real-time tracking of request and connection limiting on the NGINX Plus dashboard, and NGINX JavaScript enhancements.

NGINX Plus R21 is more reliable and secure than ever, importing numerous bug fixes from NGINX Open Source. New variable support in gRPC proxying extends dynamic, API‑driven routing policies to gRPC workloads, and the NGINX JavaScript module has been enhanced, particularly with respect to subrequests.

NGINX Plus R20 builds on the enhancements made in R19 to rate limiting, adding real-time monitoring and logging; connection limiting now has the same features. We also added prefix matching in the key-value store, DNS resolution per upstream group, new PROXY Protocol variables, and improved security for HTTP/2.

NGINX Plus R19 extends our monitoring capabilities, both with a larger set of metrics and new ways to analyze them; adds a dry-run mode for testing the effect of rate limiting; enhances the key-value store to support IP address ranges; and makes rate limiting more dynamic.

We have released updates to NGINX Open Source and NGINX Plus to fix vulnerabilities in the HTTP/2 protocol that were announced today (CVE-2019-9511, CVE-2019-9513, and CVE-2019-9516). Upgrade as soon as possible to NGINX 1.17.3, NGINX 1.16.1, or NGINX Plus R18 P1.

NGINX announces the latest branches of NGINX Open Source, the stable 1.16 branch and the mainline 1.17 branch. New to the stable branch are improvements to UDP proxying, the Random load‑balancing method, support for TLS 1.3 early data, dynamic loading of SSL certificates, and more.

NGINX and NGINX Plus can act as an OAuth 2.0 Relying Party, sending access tokens to the Idenity Provider for validation and only proxying requests that pass the validation process.