Video by CNCF [Cloud Native Computing Foundation] via YouTube
Ingress NGINX entered end-of-life in March 2026, leaving teams running it in production without a clear migration path. This session covers a real production migration from Ingress NGINX to Envoy Gateway in the cloud, featuring zero dropped requests, no application team involvement, and a complete cutover verified through continuous polling.
Andrew and Joachim walk through the full process: evaluating five alternative controllers against production requirements, validating in internal environments before touching the customer cluster, running both controllers in parallel on live infrastructure using weighted DNS, and executing the final cutover by shifting Route 53 weights rather than swapping DNS records.
Topics covered include annotation-to-HTTPRoute mapping, mTLS compatibility across controller options, parallel operation with Goldilocks, ExternalDNS integration for weighted routing, cert-manager behavior under Gateway API, and why weighted DNS eliminates the TTL risk that makes traditional cutovers dangerous.
Attendees leave with a repeatable playbook for zero-downtime Ingress migrations, a clear picture of where Envoy Gateway fits in the Kubernetes networking landscape today, and the specific patterns that make incremental traffic shifting safer than any hard cutover.