Kubernetes Blog
Follow
Ingress NGINX: Statement from the Kubernetes Steering and Security Response Committees
The Kubernetes Steering Committee and Security Response Committee have announced the retirement of Ingress NGINX, a critical infrastructure component used by about half of cloud native environments, effective March 2026. The project has been in dire need of contributors and maintainers for years, and despite public warnings, it has not received the necessary support. After the retirement, there will be no more releases for bug fixes, security patches, or updates, leaving users vulnerable to attack if they do not migrate to alternative solutions. The committee emphasizes the severity of the situation and the importance of beginning migration to alternatives like Gateway API or third-party Ingress controllers immediately. Choosing to remain with Ingress NGINX after its retirement will leave users vulnerable to attack, and none of the available alternatives are direct drop-in replacements, requiring planning and engineering time. Existing deployments will continue to work, but users may not know they are affected until they are compromised, and they can check their reliance on Ingress NGINX by running a specific command with cluster administrator permissions. The Ingress NGINX project has been maintained by only one or two people working in their free time, and despite its widespread use, it has not received the necessary contributors to maintain it securely. The committee did not make the decision to retire Ingress NGINX lightly, but it is necessary for the safety of all users and the ecosystem as a whole due to the technical debt and fundamental design decisions that exacerbate security flaws. The committee urges users to check their clusters now and begin planning for migration if they are reliant on Ingress NGINX to avoid serious risk. The retirement of Ingress NGINX is a significant change that affects a large percentage of Kubernetes users, and it is imperative that users take immediate action to address the issue.