Kubernetes ingress-nginx to stop receiving new features and security fixes in 2026

Looks like it’s really the end of an era for Kubernetes Ingress. ingress-nginx is moving into maintenance mode from March 2026 — no new features after that and more importantly, no new security patches. I’ve been using Ingress for so long that it feels weird to see it finally winding down, but I guess it was bound to happen sooner or later. On the bright side, Kubernetes has been pushing the Gateway API for a while now, and honestly, it’s shaping up to be a much cleaner and more powerful way to handle traffic. Most vendors and controllers support it already, so it feels like the right time to start shifting over. If you haven’t explored it yet, definitely worth taking a look. 🔗 More details: https://lnkd.in/g6bmu5PC Time for upgrades 😅

🚨 Attention 🚨 The Ingress-NGINX controller that powers millions of clusters is officially End-of-Life in March 2026. No more patches, no CVE fixes, no new features—only the code you have today. What should you do? 1️⃣ Identify if you’re affected: kubectl get pods -A -l app[dot]kubernetes[dot]io/name=ingress-nginx 2️⃣ Pick a modern, future-proof replacement. The Gateway API is the upstream standard that fixes everything Ingress-NGINX struggled with: multi-protocol (HTTP, gRPC, TCP, UDP), role-based security, and seamless integration with service-mesh sidecars. 3️⃣ Use Gateway API - https://lnkd.in/dyNkqm7b 📖 Read the full comparison here: https://lnkd.in/d9-dBK-t Don’t wait until the March 2026 deadline; start your migration today and sleep better knowing your ingress layer is maintained, secure, and cloud-native. #Kubernetes #GatewayAPI #IngressNGINX #CloudNative #DevOps #Security #K8s

An AWS outage today brought down what seems to be half of the internet. Sometimes, all you can do is sit back and wait for the issue to be fixed. But very often, your application can handle outages gracefully. Especially if you expect it to happen at some point, like DNS issues. In the second guest post on our blog, Dima Kotik shows how you can use SQLite as a lightweight Pub/Sub (that he contributed to Watermill) with a focus on durable execution. With this approach, your apps become more resistant to external failures. For many applications, one of the popular Pub/Subs is usually the right choice. But if you start a project or have used GoChannel Pub/Sub so far, SQLite is worth considering. https://lnkd.in/d9jky9DN

Port forwarding in Kubernetes creates a secure tunnel between your local machine and cluster resources through the API server. It's useful for debugging, database access, and testing services without modifying network configurations or setting up load balancers. The kubectl port-forward command establishes a temporary TCP connection that works for pods, services, or deployments. Common scenarios include local development with remote services, accessing internal dashboards, and connecting database clients. If you're developing with Kubernetes you will almost certainly use port forwarding. Flavius Dinu wrote this great guide covering syntax, real-world use cases, and alternatives like LoadBalancers and Ingress controllers. Check it out! https://lnkd.in/edVGb9H3

We've got a new blog out looking at #Kubernetes versions in use in real-world clusters, and it's actually quite good news from a security perspective. With the addition of extended support for the major managed Kubernetes distributions, it looks like most of the cluster's were seeing are running on supported versions. That's quite an improvement over the last couple of years. https://lnkd.in/eczb39UT

Kubernetes SIG Network and the Security Response Committee has been announced the upcoming retirement of Ingress NGINX. They will maintain this to March 2026. And the good part is the existing Ingress NGINX deployments will keep functioning as they do today, and all installation artifacts will remain available. For more info please have a look on this link : https://lnkd.in/gTr99Gzp https://lnkd.in/gbfHJev6 https://lnkd.in/gtGzYj4N #Kubernatives #Devops

GitHub has launched an MCP Registry — a place to list and discover MCP (Model Context Protocol) servers. They’re also collaborating with Anthropic and others to make an open-source registry that lists all MCP servers, not just ones on GitHub. https://lnkd.in/eMUqqCJG The MCP Registry turns AI integration into a plug-and-play experience. AI Architects benefit by being able to discover, trust, and deploy integrations faster, with consistent protocols and shared security standards.

🚨 Important Update for Kubernetes Users 🚨 The popular Kubernetes Ingress NGINX controller is officially retiring in March 2026 due to ongoing maintainership and security challenges. While the core NGINX web server you know and love is still actively maintained and widely used across the industry, this specific ingress controller will no longer receive updates or security patches after its retirement date. 🔍 What this means: - Ingress NGINX will enter end-of-life in March 2026. - No further bug fixes, features, or security updates will be provided. - Users running Ingress NGINX must plan their migration to alternative ingress solutions or Gateway API controllers to ensure continued security and support. This is a crucial reminder for Kubernetes cluster administrators to review their ingress strategies and migrate proactively before the deadline. Staying ahead with secure, supported ingress controllers helps maintain resilient and safe deployments. #Kubernetes #IngressNGINX #CloudNative #DevOps #Infrastructure #Security #KubernetesSecurity #NGINX #TechUpdate

So there I was, feeling confident, spinning up a simple web server inside OpenShift. Everything looked perfect. The build passed, the image pushed, the pod deployed... Then — boom CrashLoopBackOff. “But it worked on my laptop!” Classic moment, right? 😅 After a bit of oc logs and oc events, I found the culprit: My Apache server was trying to listen on port 80, a privileged port. And OpenShift said: “Absolutely not. You’re not root here. Not even close.” 😎 Why did this happen? OpenShift implements Security Context Constraints (SCC) that enforce containers to run as non-root users. Ports below 1024 (like 80, 22, 443) are privileged, meaning they require root privileges to bind. Since OpenShift runs containers as non-root UIDs by default, my app couldn't claim those ports even if it could in Docker or locally. My fix: I changed the ports inside my Dockerfile: RUN sed -i 's/Listen 80/Listen 8080/g' /etc/httpd/conf/httpd.conf && \ Now my web server listens on 8080, Lesson learnt: OpenShift isn’t being strict — it’s being secure. ✅ No root containers ✅ No privileged ports ✅ No accidental escalations What looked like a crash was actually a security measure. So next time your pod won’t start, remember — it’s not rebelling, it’s just following Red Hat’s golden rule: “Security first, ego later.” 😅 #OpenShift #DevOps #RedHat #Containers #Kubernetes #CloudNative #Kubernetes #security #ContainerSecurity #TechHumor

💥 Give me 2 minutes, I'll try to explain the recent Ingress NGINX Controller issue. 🚨 ⛔ There's been a major announcement in the Kubernetes world: the Community-maintained Ingress NGINX Controller is officially retiring. ⁉️ What’s the Issue? The version of Ingress NGINX you install from the official Kubernetes documentation will reach its end-of-life in March 2026. This means no new releases, no bug fixes, and critically, no security updates after that date. Continuing to use it will accumulate technical debt and security risks. 😕 Why is this happening? 🤔 The main reason is a crisis in open-source sustainability. Despite its popularity, the project struggled for years with insufficient maintainers. The "tremendous flexibility" of the controller eventually became an "insurmountable technical debt" that few people were available to manage, especially concerning security flaws. ❌ What is NOT affected? The NGINX web server, NGINX Plus, or the official NGINX Ingress Controller maintained by F5/NGINX. That project continues to be actively supported. 🧠 Your Call to Action ➡️ If you are using the community version, start planning your migration now: The Recommended Path: Migrate to the Kubernetes Gateway API. This is the modern, expressive standard for Kubernetes networking. ✅ Immediate Alternatives: Switch to the official NGINX Ingress Controller, or other mature options like Traefik, Kong, or HAProxy. 💡 Don't wait until 2026—make your cluster future-proof today! #Kubernetes #DevOps #CloudNative #OpenSource #NGINX #GatewayAPI