Replacing Ingress NGINX

Switch to the Kubernetes Gateway API now with Airlock Microgateway

Discuss your migration

 

 

 

 

Free Community Edition

Ingress NGINX has been a key component in many Kubernetes environments for years. But with the shift towards the Kubernetes Gateway API, platform, DevOps and security teams need to reassess their ingress architecture: configurations, operational processes, monitoring, runbooks and responsibilities must be reviewed or adapted.

Turn the replacement into a security upgrade

Now is the right time not only to replace the existing ingress controller, but also to assess whether the current setup still meets the requirements of modern Kubernetes environments.

Today, platform teams need more than routing and TLS termination. They need a solution that supports the Gateway API, represents security declaratively, protects APIs, takes identities into account and integrates cleanly into DevSecOps and GitOps processes.

This is where Airlock Microgateway comes in: a Kubernetes-native solution for the Gateway API, Web Application and API Protection (WAAP) and identity-based access control.

Why Airlock Microgateway is the better option

Ingress NGINX Airlock Microgateway with Gateway API
Officially retired on 24 March 2026 Ready for what comes next
Built on Envoy and open standards: Gateway API, OIDC and Red Hat certification.
Ingress API is frozen – architectural dead end Gateway API
Kubernetes-native without annotations. Role-oriented configuration (Gateway API) and separation of concerns.
Critical 'Ingress Nightmare' CVEs Secure by Default
Allowlisting with OpenAPI or GraphQL validation. ICAP for malware and Bug Bounty tested deny rules.
Limited Authentication use cases Built-in identity & access control
Client certificate authentication, OIDC, token introspection, JWT/JWKS, Token Exchange, step-up authentication (MFA). 

 

Get to know Airlock Microgateway

Based on open standards

Airlock Microgateway is based on the Kubernetes Gateway API: an open, widely supported standard. This reduces dependencies on proprietary configuration models and keeps your architecture future-ready.

Broad Kubernetes ecosystem

Gateway API is supported by a growing Kubernetes ecosystem. For platform teams, this means fewer custom paths, better compatibility and easier integration into existing Kubernetes toolchains.

Built for platform and app teams

Gateway API separates infrastructure, gateway and application configuration more clearly than traditional Ingress setups. Platform teams can define central guardrails, while app teams manage their routes and service-specific requirements in a controlled way.

Security in the gateway model

With Airlock Microgateway, Gateway API goes beyond routing. It is combined with WAAP, API protection and identity-based access control to protect web applications, APIs and access directly in Kubernetes.

Contributions to the Gateway API

Airlock Microgateway does not just rely on the Kubernetes Gateway API. We also actively bring our security expertise into the further development of the standard – together with leading vendors such as Google, Microsoft, Red Hat and Isovalent. One example is BackendTLSPolicy in Gateway API 1.4. This extension helps describe TLS connections to backend services in a standardised way using Gateway API resources.

Make Gateway API part of your security strategy

With Airlock Microgateway, you bring key security capabilities closer to your Kubernetes workloads and integrate them into modern DevSecOps processes.

For your team, this means:

  • A modern Gateway API architecture instead of legacy Ingress
  • Protection for web applications and APIs directly in Kubernetes
  • Identity-based access control with OIDC, JWT and Token Exchange
  • Declarative configuration for GitOps and DevSecOps workflows
  • Professional support for production Kubernetes environments

The documentation shows how migration to the Gateway API works with Airlock Microgateway.

Plan your migration to the Gateway API

Use the replacement as an opportunity to discover Airlock Microgateway with Gateway API, WAAP and identity-based access control in one solution.

Try it in our virtual labs or request a demo. Our experts will get back to you shortly.

Book a demo

Ressources

Migration guide
Documentation
Airlock / Ergon contributions to the Gateway API
Try our virtual labs
Running Example on GitHub
Microgateway on GitHub

Bye-bye Ingress-NGINX, hello Gateway API

The Kubernetes Ingress era is coming to an end. What served as the de facto standard for years is increasingly turning into a security and architectural liability. Outdated concepts, a frozen specification, and critical vulnerabilities such as the “Ingress Nightmare” CVEs make one thing clear: action is required now. This article explains why the Kubernetes Gateway API, combined with Airlock Microgateway, is a decisive upgrade in security, stability, and long-term viability.

Read article

This website uses cookies
This website uses tracking and targeting technologies (e.g. cookies). Cookies necessary for the operation of the site are set. In addition, we use technologies to analyze access to our website and to personalize content and advertisements. By clicking "Accept all", you agree to the use of the above technologies and cookies (revocable at any time). Under "Settings" you can change your preferences and refuse data processing.
Necessary cookies enable you to navigate our website and provide its basic functionality. Without these cookies, essential functions cannot be provided.Statistics Cookies are used to record the use of our website statistically and to evaluate it for the purpose of optimizing our offer for you.Marketing cookies may be placed on our website by us or our advertising partners to build a profile of your interests and show you relevant content on our and third-party websites. To show you relevant content on third-party websites, we share this information with third parties, such as advertising platforms and social networks.
←  Back
ImprintPrivacy Policy

Information for you

-Our whitepapers-
White paper: The puzzle pieces of modern authentication

White paper: The puzzle pieces of modern authentication

Identity management is like a puzzle: you have to understand the big picture, identify the relevant pieces and put them together in the right order. This white paper shows how to do that.

 

Request white paper

Whitepaper: How to make cIAM a success

Increasing requirements for security and user-friendliness make Customer Identity and Access Management an essential. Read our whitepaper to find out how you can secure your competitive advantage with the right CIAM strategy.

 

Request whitepaper

Whitepaper: Security for cloud-native applications

You can read about how companies can ensure the security of web applications and APIs in Kubernetes in the white paper "Security for cloud-native applications", which was created in collaboration between heise and Airlock.

 

Request whitepaper

Whitepaper: Zero Trust is a journey

The ongoing digital transformation of the world is progressing and having a profound impact on our personal and professional lives in ways that were difficult to imagine just a few years ago.


This white paper discusses the effects of continuous digitalization and its impact.

Request free of charge

Off to DevSecOps

In this white paper, you will learn the most important insights into how you can implement DevSecOps successfully and efficiently, which security components are required for this and the advantages of a microgateway architecture.

 

Request free of charge

Airlock 2FA - Strong authentication. Simple.

Double security - this is what two-factor authentication offers in the field of IT security.


Find out more about strong authentication and the possibilities offered by Airlock in our white paper.

Download for free

Further whitepapers

We provide you with free white papers on these and other topics:

 

  • Successful IAM projects
  • compliance
  • Data protection (DSGVO)
  • Introduction of PSD2
  • PCI DSS requirementsPCI DSS requirements
Request free of charge