Kubernetes v1.36 Haru - Security, GPUs and Observability Grow Up

Diginomica, Apr 28, 2026

Why It Matters

The security and hardware advances make Kubernetes more trustworthy for regulated, AI‑heavy workloads, while the new observability tools reduce operational risk for enterprises.

Key Takeaways

  • Fine‑grained kubelet API authorization reaches GA, tightening node‑level access
  • External ServiceAccount token signing now Stable, offloading key management
  • Resource Health Status Beta adds unified GPU health monitoring
  • Workload‑Aware Scheduling Alpha enables atomic scheduling of AI pod groups
  • User Namespace and MutatingAdmissionPolicies become Stable, simplifying security and policy enforcement

Pulse Analysis

Kubernetes 1.36 Haru marks a pivotal step for the container orchestration platform, delivering a blend of security hardening, AI‑ready hardware support, and deeper observability. The GA of fine‑grained kubelet API authorization and external ServiceAccount token signing addresses long‑standing concerns around privilege escalation and key management, making the platform more palatable for regulated industries such as finance and healthcare. By moving these controls to stable status, enterprises can adopt Kubernetes with greater confidence that compliance requirements will be met without extensive custom tooling.

On the performance front, Haru introduces Resource Health Status for the Dynamic Resource Allocation (DRA) framework, giving operators a native view into GPU and accelerator health directly from standard Kubernetes APIs. Coupled with the alpha‑stage Workload‑Aware Scheduling, which treats related AI training pods as a single atomic group, the release reduces wasted compute cycles and simplifies large‑scale model training deployments. These hardware‑centric enhancements signal that Kubernetes is evolving from a generic scheduler into a platform that can natively manage specialized resources, a trend that will accelerate as AI workloads dominate cloud consumption.

Observability also receives a boost: Pressure Stall Information (PSI) metrics become stable, providing granular insight into CPU, memory, and I/O pressure, while ComponentStatusz and ComponentFlagz endpoints move to beta, exposing real‑time component configurations. Native histogram support, now in alpha, promises finer‑grained monitoring data without the overhead of static buckets. Together, these features lower the operational burden on teams, allowing them to focus on business logic rather than plumbing, and reinforce Kubernetes’s role as the foundational layer for modern, cloud‑native infrastructure.
