Ingress NGINX: The Urgent Migration You Can't Ignore
Ingress NGINX serves as a backbone for around half of cloud-native environments, managing traffic routing and access control. However, with its impending retirement in March 2026, it's crucial to assess your reliance on this tool. If you continue using Ingress NGINX post-retirement, you expose yourself and your users to significant security risks.
To determine if your clusters depend on Ingress NGINX, run the command: kubectl get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginx. This command requires cluster administrator permissions and will help you identify any active deployments. Existing setups will keep functioning unless you actively check, which means you might remain unaware of vulnerabilities until it's too late.
It's imperative to start planning your migration away from Ingress NGINX now. The longer you wait, the greater the risk to your infrastructure. The transition to alternatives like the Gateway API should be prioritized to maintain security and functionality in your Kubernetes environment.
Key takeaways
- →Run `kubectl get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginx` to check your cluster's reliance on Ingress NGINX.
- →Plan your migration to alternatives like the Gateway API before Ingress NGINX is retired in March 2026.
- →Understand that continuing to use Ingress NGINX post-retirement leaves your deployments vulnerable.
- →Recognize that existing deployments will not alert you to vulnerabilities unless you proactively check.
- →Act now to secure your infrastructure and avoid potential compromises.
Why it matters
Failing to migrate from Ingress NGINX before its retirement can lead to significant security vulnerabilities, jeopardizing your entire cloud-native infrastructure.
Code examples
kubectl get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginxWhen NOT to use this
The official docs don't call out specific anti-patterns here. Use your judgment based on your scale and requirements.
Want the complete reference?
Read official docsUnified observability — logs, uptime monitoring, and on-call in one place. Used by 50,000+ engineering teams to ship faster and sleep better.
Try Better Stack free →Zero-Downtime Migration: From Ingress NGINX to Envoy Gateway
Migrating from Ingress NGINX to Envoy Gateway without downtime is crucial for maintaining service continuity. By leveraging weighted DNS records, you can run both systems simultaneously and control traffic flow seamlessly. This article breaks down the practical steps to achieve this migration effectively.
Mastering Ingress Request Tracing for Multi-Tenant SaaS on Kubernetes
In a multi-tenant SaaS environment, understanding request flows is crucial for maintaining performance and reliability. By implementing end-to-end ingress request tracing, you can track customer requests through your services using Trace IDs and Span IDs.
Building a Cloud Native Platform: Kairos, k0rdent, and bindy in Action
Creating a cloud native platform from scratch can be daunting. With Kairos, you get an immutable Linux distribution that boots from OCI images, ensuring consistency. Dive into how k0rdent and bindy enhance your Kubernetes management and DNS operations.
Get the daily digest
One email. 5 articles. Every morning.
No spam. Unsubscribe anytime.