"The breadth and flexibility of Ingress NGINX has caused maintenance challenges. Changing expectations about cloud native software have also added complications. What were once considered helpful options have sometimes come to be considered serious security flaws ... Yesterday's flexibility has become today's insurmountable technical debt."
"It became very popular due to its tremendous flexibility, breadth of features, and independence from any particular cloud or infrastructure provider."
"Ingress NGINX has continued to be one of the most popular, deployed as part of many hosted Kubernetes platforms and within innumerable independent users' clusters."
"In March 2025, researchers at Wiz found Ingress NGINX had serious vulnerabilities that could allow complete takeover of Kubernetes clusters."
Ingress NGINX is an ingress controller that enables external HTTP/S access to Kubernetes clusters. The controller gained popularity for its flexibility, wide feature set, and provider independence, and remained widely deployed across hosted platforms and independent clusters. The project experienced repeated major security flaws, including March 2025 Wiz researchers' finding of vulnerabilities that could enable full cluster takeover. Maintainers had paused adding core features to focus on a successor project called InGate, but maintenance burden continued to grow. The Kubernetes Security Response Committee decided to end work, and the project will be retired in March 2026 due to untenable technical debt and security risk.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]