Gardener

Appearance

GEP-0057: Replace Nginx Ingress Shoot Addon with Traefik Extension ​

  • πŸ“Œ GEP Tracking Issue: https://github.com/gardener/enhancements/issues/57
  • πŸ“– GEP Link: https://github.com/gardener/enhancements/pull/59
  • ✍🏻 Author(s): @DockToFuture (Sebastian Stauch)
  • πŸ—“οΈ Presentation: 2026-04-20, 13:30 - 14:30 CEST
  • πŸŽ₯ Recording: https://youtu.be/v_MTCmd-PeU
  • πŸ‘¨β€βš–οΈ Decisions & Agreements:
    • Migration path with compatibility mode
      • Users can stay in the nginx compatibility mode forever if they like the annotations or do not want to invest the migration effort.
      • A migration from nginx compatibility mode to pure traefik ingress mode is possible, but requires a short downtime.
      • The migration from nginx-ingress to traefik in nginx compatibility mode can happen without downtime, i.e. both controllers running in parallel with the same backends. The switch in DNS is the actual migration.
    • Scope of the proposal in terms of cluster purpose
      • The Addon was only ever intended for non-productive clusters as the gardener team did not want to cover the version management of nginx-ingress allowing users to upgrade at their own pace.
      • The traefik extension is for now also intended for the same scope, i.e. non-productive clusters. Remove the hints about productisation of the extension from the proposal.
      • It is intended to extend the scope of the extension to productive clusters once there are decisions about version management and lifecycle management available, but this is not part of this proposal.
    • Gateway API
      • Gateway API is not on the immediate roadmap for the traefik extension. It might come later, though.
      • An extension for Gateway API is planned, but the decision on the operator/reverse proxy is independent of this proposal.
    • Risk of traefik CRDs already being installed in the cluster
      • For now, migration from self-managed traefik to gardener-managed traefik is out of scope. If it becomes a real problem it can be reconsidered.
    • How does the traefik extension change the plan for the overall nginx-ingress removal in gardener?
    • We can continue with the proposal and implement it as optional extension for non-productive clusters.
EU and German government funding logos

Funded by the European Union – NextGenerationEU.

The views and opinions expressed are solely those of the author(s) and do not necessarily reflect the views of the European Union or the European Commission. Neither the European Union nor the European Commission can be held responsible for them.

Copyright Β© Linux Foundation Europe.

GEP-0057: Replace Nginx Ingress Shoot Addon with Traefik Extension | Gardener is a project of the Open Component Model Community. For applicable policies including privacy policy, terms of use and trademark usage guidelines, please see https://linuxfoundation.eu. Linux is a registered trademark of Linus Torvalds.

Building this site is powered by
Terms of Use|Privacy Statement|Legal Disclosure