diff --git a/README.md b/README.md
index 3c1c713afaa0da551223490b25b37de1030e9dd0..7ab1141e0d5fe4fd5f501a4d905cb4c3738d0aa4 100644
--- a/README.md
+++ b/README.md
@@ -104,7 +104,7 @@ Supported Components
 -   Application
     -   [cephfs-provisioner](https://github.com/kubernetes-incubator/external-storage) v1.1.0-k8s1.10
     -   [cert-manager](https://github.com/jetstack/cert-manager) v0.4.0
-    -   [ingress-nginx](https://github.com/kubernetes/ingress-nginx) v0.16.2
+    -   [ingress-nginx](https://github.com/kubernetes/ingress-nginx) v0.17.1
 
 Note: kubernetes doesn't support newer docker versions. Among other things kubelet currently breaks on docker's non-standard version numbering (it no longer uses semantic versioning). To ensure auto-updates don't break your cluster look into e.g. yum versionlock plugin or apt pin).
 
diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml
index be0d6800b8e42bcf363e5c8099898b1810eabed1..0f765597d5894e39cab681a19bc969fcc0a1aad4 100644
--- a/roles/download/defaults/main.yml
+++ b/roles/download/defaults/main.yml
@@ -157,7 +157,7 @@ local_volume_provisioner_image_tag: "v2.0.0"
 cephfs_provisioner_image_repo: "quay.io/external_storage/cephfs-provisioner"
 cephfs_provisioner_image_tag: "v1.1.0-k8s1.10"
 ingress_nginx_controller_image_repo: "quay.io/kubernetes-ingress-controller/nginx-ingress-controller"
-ingress_nginx_controller_image_tag: "0.16.2"
+ingress_nginx_controller_image_tag: "0.17.1"
 ingress_nginx_default_backend_image_repo: "gcr.io/google_containers/defaultbackend"
 ingress_nginx_default_backend_image_tag: "1.4"
 cert_manager_version: "v0.4.0"
diff --git a/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2 b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2
index 5d141d4ffdee67fb9b2b57129b3dd6ef950899f7..06875464241947242dfaf172f225f5cc6e9ec939 100644
--- a/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2
+++ b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2
@@ -41,7 +41,6 @@ spec:
             - --configmap=$(POD_NAMESPACE)/ingress-nginx
             - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
             - --udp-services-configmap=$(POD_NAMESPACE)/udp-services
-            - --publish-service=$(POD_NAMESPACE)/ingress-nginx
             - --annotations-prefix=nginx.ingress.kubernetes.io
           securityContext:
             capabilities:
@@ -86,5 +85,3 @@ spec:
             periodSeconds: 10
             successThreshold: 1
             timeoutSeconds: 1
-          securityContext:
-            runAsNonRoot: false