6 result(s)
Kubernetes v1.36 is planned for April 22, 2026 and includes API deprecations/removals plus several feature graduations. Notable changes are deprecating Service .spec.externalIPs, disabling the gitRepo volume driver, and promoting SELinux volume labeling and external ServiceAccount token signing to GA.
Ingress2Gateway 1.0 is a stable migration assistant for moving from Ingress to Gateway API, with expanded Ingress-NGINX annotation support and more detailed warnings for unsupported or lossy translations. The release emphasizes controller-level integration tests and safer migration workflows, including manual review, validation in a dev cluster, and gradual traffic shifting.
Kubernetes SIG Apps is developing Agent Sandbox, a new API for singleton, stateful AI agent workloads that need persistent identity, isolation, and suspend/resume behavior. The project adds a Sandbox CRD plus extensions like warm pools to reduce cold starts and support untrusted code execution.
The post recommends securing production Kubernetes debugging with least-privilege RBAC, short-lived identity-bound credentials, and a just-in-time access gateway instead of shared bastions, cluster-admin access, or long-lived SSH keys. It outlines practical patterns for namespace-scoped roles, group-based bindings, OIDC or client-certificate auth, and gateway-mediated sessions with audit logging and automatic expiration.
Kubernetes rewrote the core of its image promoter (kpromo/promo-tools), removing legacy code and splitting promotion into distinct phases. The new pipeline improved performance and reliability, shipped in v4.2.0–v4.4.0, and kept user-facing flags and manifests unchanged.
Kubernetes has formed a new AI Gateway Working Group to define standards and best practices for Gateway API-based networking infrastructure tailored to AI workloads.