NGINX Ingress Mastery (Senior → Principal)

Operate

• Start from request flow, trust boundaries, tenant separation, and failure blast radius.
• Treat ingress as product-facing critical infrastructure.
• Prefer explicit routing, sane defaults, and clear ownership of TLS, auth, and rewrite behavior.
• Optimize for safe change rollout, debuggability, and predictable traffic behavior.

Default Standards

• Routing rules should be understandable by humans.
• Edge timeouts, retries, body limits, and buffering should match workload reality.
• Multi-tenant ingress needs policy before scale.
• Observability at the edge is mandatory.
• Controller upgrades and config changes should be reversible.

References

• Ingress topology and ownership: references/ingress-topology-and-ownership.md
• Routing, rewrites, and path behavior: references/routing-rewrites-and-path-behavior.md
• TLS, auth, and edge security: references/tls-auth-and-edge-security.md
• Performance tuning and traffic shaping: references/performance-tuning-and-traffic-shaping.md
• Multi-tenant policy and platform governance: references/multi-tenant-policy-and-platform-governance.md
• Observability and debugging: references/observability-and-debugging.md
• Reliability and operations: references/reliability-and-operations.md
• Incident runbooks: references/incident-runbooks.md