TL;DR
Kubernetes v1.35 release removes cgroup v1 and containerd v1.X support, urging admins to migrate to newer versions and adopt enhancements like in-place Pod updates and OCI image volume support.
Key Points
Highlight key points with color coding based on sentiment (positive, neutral, negative).Kubernetes v1.35 will remove support for cgroup v1, requiring administrators to migrate to cgroup v2 to ensure compatibility, especially for nodes running on older Linux distributions.
The ipvs mode in kube-proxy is being deprecated due to maintenance challenges and technical debt, with nftables recommended as the preferred mode for Linux nodes.
Support for containerd v1.X will end with Kubernetes v1.35, urging users to upgrade to containerd 2.0 or later to maintain compatibility with future Kubernetes releases.
The release introduces the "node declared features" framework, allowing nodes to declare their supported features, which improves scheduling accuracy and prevents incompatible pod placements.
Kubernetes v1.35 will graduate the in-place update of Pod resources to General Availability, enabling users to adjust CPU and memory resources without restarting Pods, thus minimizing disruption to workloads.
Kubernetes v1.35 is just around the corner, and it's bringing a bunch of updates that developers and administrators will want to keep an eye on. This release, slated for December 17, 2025, is all about making cluster management more efficient and boosting performance. One of the big changes? Say goodbye to cgroup v1 support. If you're still using it, it's time to make the jump to cgroup v2. And if you're relying on ipvs mode in kube-proxy, you'll need to switch to nftables. Oh, and don't forget about containerd - if you're on v1.X, it's time to upgrade to containerd 2.0 or later to keep everything running efficiently.
But wait, there's more. Kubernetes v1.35 is also rolling out node declared features, which are designed to tackle those pesky version skew scheduling issues. By making node capabilities explicit, this feature aims to improve scheduling accuracy and boost cluster stability. Plus, in-place updates for Pod resources are finally graduating to General Availability. This means you can tweak CPU and memory resources without having to restart Pods, which is a big win for efficiency and minimizing disruptions.
And that's not all. Pod certificates for native workload identity are making their debut, along with numeric values for taints to support more complex scheduling needs. If you've been waiting for support to mount OCI images as volumes, your wait is over. The release also brings improvements in user namespaces for enhanced security and the ability to resize resources while a job is suspended. All these changes are set to make Kubernetes even more reliable and adaptable, so staying informed and prepared for these updates is important for effective cluster management.
Key Numbers
Present key numerics and statistics in a minimalist format.The minimum containerd release required to remain supported after Kubernetes v1.35, as containerd 1.x reaches end-of-life and loses compatibility in the next Kubernetes version.
Stakeholder Relationships
An interactive diagram mapping entities directly or indirectly involved in this news. Drag nodes to rearrange them and see relationship details.Organizations
Key entities and stakeholders, categorized for clarity: people, organizations, tools, events, regulatory bodies, and industries.Focuses on components that run on each node, contributing to the release of Kubernetes v1.35.
Responsible for the Kubernetes API server, contributing to the release of Kubernetes v1.35.
Handles storage-related features, contributing to the release of Kubernetes v1.35.
Deals with networking components, contributing to the release of Kubernetes v1.35.
Focuses on the command-line interface, contributing to the release of Kubernetes v1.35.
Manages cloud provider integrations, contributing to the release of Kubernetes v1.35.
Timeline of Events
Timeline of key events and milestones.Kubernetes made cgroup v2 support stable in v1.25, enabling a unified cgroup hierarchy and improved resource isolation compared to legacy cgroup v1.
Kubernetes introduced the in-place update mechanism for Pod CPU and memory resources as an alpha feature, allowing resource changes without pod restarts.
Linux User Namespaces reached beta maturity in v1.30, enabling safer privilege isolation and reducing container breakout risks.
The image volume type was added in v1.31, allowing Pods to mount data directly from OCI artifacts without init containers.
In-place resource updates for Pods moved from alpha to beta in v1.33, improving stability and adoption for dynamic resource tuning.
The OCI image volume capability matured to beta in v1.33, expanding support for distributing artifacts via container registries.
Kubernetes introduced Pod-issued certificates as an alpha feature, enabling native mTLS identity without external systems like cert-manager.
Kubernetes v1.35 plans to promote in-place resource updates to General Availability, making dynamic scaling fully stable.
The Pod Certificates feature is expected to progress to beta in v1.35, improving workload identity and automated certificate rotation.
The Node Declared Features framework will debut as alpha in v1.35, allowing nodes to explicitly publish their supported capabilities and reduce scheduling mismatches.
Kubernetes v1.35 adds support for numeric taint comparisons (Gt, Lt) enabling SLA-based scheduling and more expressive cluster policies.
Image volumes are expected to become enabled-by-default in v1.35 after progressing through alpha (v1.31) and beta (v1.33).
Kubernetes v1.35 marks the final release supporting containerd 1.X, requiring upgrades to containerd 2.0+ for future versions.
Kubeadm added the HTTPEndpoints field in ClusterConfiguration.Etcd.ExternalEtcd (API v1beta4), enabling more flexible multi-endpoint etcd setups.
The official Kubernetes v1.35 release is scheduled for December 17, 2025, pending final approval and stabilization.
Additional Resources
Enjoyed it?
Get weekly updates delivered straight to your inbox, it only takes 3 seconds!Subscribe to our weekly newsletter Kaptain to receive similar updates for free!
Give a Pawfive to this post!
Share with your friends and followers
Start writing about what excites you in tech — connect with developers, grow your voice, and get rewarded.
Join other developers and claim your FAUN.dev() account now!
FAUN.dev()
FAUN.dev() is a developer-first platform built with a simple goal: help engineers stay sharp without wasting their time.
Kaptain #Kubernetes
FAUN.dev()
@kaptain
