Subscribe to the Non-Human & AI Identity Journal

Forums
The Non-Human & AI ...
NHI, AI & IAM Suppo...
Ingress NGINX retir...
 
Notifications
Clear all

Ingress NGINX retirement: what it means for Kubernetes teams

 
    Last Post
  RSS

 NHI Mgmt Group
(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 7325
Topic starter 24/06/2026 8:45 pm  

TL;DR: Kubernetes SIG Network has announced the retirement of Ingress NGINX, with best-effort maintenance ending in March 2026 and no future fixes after that, according to Kong. The practical issue is not just migration timing but the security and governance debt created by keeping critical ingress paths on a component with no ongoing vulnerability response.

NHIMG editorial — based on content published by Kong: Farewell Ingress NGINX: Explore a Better Path Forward with Kong

Questions worth separating out

Q: How should teams migrate from Ingress NGINX to Gateway API without breaking existing traffic?

A: Treat the move as a phased control-plane migration, not a simple YAML translation.

Q: What happens when a Kubernetes ingress component reaches end of maintenance?

A: The main risk is lifecycle exposure.

Q: What do platform teams get wrong about ingress migration?

A: They often treat it as a technical rewrite instead of an operational ownership problem.

Practitioner guidance

  • Inventory every Ingress NGINX dependency Identify clusters, namespaces, routes, and application owners that still rely on Ingress NGINX, then classify each dependency by business criticality and replacement complexity.
  • Assign retirement ownership for ingress components Create a named owner for ingress lifecycle decisions, including support status, migration sequencing, exception handling, and decommission sign-off.
  • Pilot Gateway API on low-risk services first Use a limited workload set to validate routing parity, policy behaviour, and observability before moving high-traffic or regulated services.

What's in the full article

Kong's full blog covers the operational detail this post intentionally leaves for the source:

  • How Kong's ingress2gateway translation tool maps existing Ingress NGINX resources into Gateway API objects.
  • What Kong Operator's dual-API support means for teams that need to run old and new routing models together.
  • Which operational features Kong highlights for zero-downtime upgrades, scaling, and plugin-based traffic control.
  • How Kong Konnect is positioned for API lifecycle management during and after migration.

👉 Read Kong's analysis of Ingress NGINX retirement and Gateway API migration →

Ingress NGINX retirement: what it means for Kubernetes teams?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
Topic Tags
kong kubernetes gateway-api ingress-nginx api-governance
Forum Jump:
  Previous Topic
Next Topic  
Related Topics
Topic Tags:  kong (108) , kubernetes (23) , gateway-api (1) , ingress-nginx (2) , api-governance (21) ,
Share:

#1 Authority in NHI Education, Research and Advisory, empowering organizations to tackle the critical risks posed by Non-Human Identities (NHIs), including AI Agents.

Get in Touch

Quick Links

Legal & Policies

©2025 NHIMG. All right reserved.