Announcing Etcd 3.7.0-beta.0
SIG‑Etcd released the first beta of etcd v3.7.0, featuring the long‑awaited RangeStream RPC, a full removal of legacy v2store code, and updates to bbolt and raft libraries. RangeStream enables applications to receive large key‑value result sets in chunks, cutting latency and stabilizing memory consumption. The release also marks the end‑of‑life for etcd 3.4, prompting users to plan upgrades to supported versions. The project is calling on the community to test the beta and report issues through GitHub, Slack, or the mailing list.
Kubernetes v1.36: New Metric for Route Sync in the Cloud Controller Manager
Kubernetes v1.36 adds an alpha counter metric `route_controller_route_sync_total` to the Cloud Controller Manager (CCM) route controller, tracking each route synchronization with the cloud provider. The metric supports the `CloudControllerManagerWatchBasedRoutesReconciliation` feature gate introduced in v1.35, which switches the controller from a...
Kubernetes v1.36: Server-Side Sharded List and Watch
Kubernetes 1.36 adds an alpha‑stage server‑side sharded list and watch feature, letting the API server filter resource events before they reach controller replicas. By passing a shardSelector in ListOptions, each replica receives only the hash range it owns, cutting CPU,...
Kubernetes v1.36: Pod-Level Resource Managers (Alpha)
Kubernetes 1.36 introduces pod‑level resource managers in alpha, extending the kubelet’s Topology, CPU, and Memory managers to allocate resources at the pod scope rather than per‑container. This hybrid model lets primary containers receive exclusive, NUMA‑aligned CPU and memory while sidecars...
Kubernetes v1.36: In-Place Vertical Scaling for Pod-Level Resources Graduates to Beta
Kubernetes 1.36 promotes In‑Place Pod‑Level Resources Vertical Scaling to beta, enabling default‑on resizing of a pod’s aggregate CPU and memory without always restarting containers. The feature is gated by InPlacePodLevelResourcesVerticalScaling and works with the existing pod‑level resource model introduced in...
Kubernetes v1.36: Staleness Mitigation and Observability for Controllers
Kubernetes 1.36 adds a suite of staleness‑mitigation tools for controllers, anchored by the new AtomicFIFO queue and the LastStoreSyncResourceVersion() API. Four high‑contention controllers—DaemonSet, StatefulSet, ReplicaSet and Job—now verify cache freshness before reconciling, automatically skipping actions when the cache lags. The...
Kubernetes v1.36: Mutable Pod Resources for Suspended Jobs (Beta)
Kubernetes v1.36 promotes mutable pod resources for suspended Jobs to beta, allowing CPU, memory, GPU and extended resources to be edited while a Job remains suspended. The change relaxes the long‑standing immutability of pod templates, letting queue controllers or admins...
Kubernetes v1.36: User Namespaces in Kubernetes Are Finally GA
Kubernetes 1.36 makes User Namespaces generally available, a Linux‑only feature that lets pods run with root privileges confined to a user namespace. Setting hostUsers:false isolates capabilities such as CAP_NET_ADMIN to the container, preventing host‑wide escalation. The GA release relies on...
Announcing Ingress2Gateway 1.0: Your Path to Gateway API
SIG Network announced Ingress2Gateway 1.0, a migration assistant that converts Kubernetes Ingress‑NGINX resources into Gateway API manifests. The release expands support to over 30 common NGINX annotations and adds extensive integration testing that validates runtime behavior across controllers. It also...
Running Agents on Kubernetes with Agent Sandbox
The AI landscape is shifting from brief, stateless inference calls to long‑running, coordinated agents that require persistent state and secure execution. Traditional Kubernetes objects like StatefulSets struggle to manage thousands of singleton agents efficiently. The open‑source Agent Sandbox project introduces...
The Invisible Rewrite: Modernizing the Kubernetes Image Promoter
The Kubernetes image promoter (kpromo) was completely rewritten, shedding about 20% of its code and adopting a modular, seven‑phase pipeline. The nine‑step effort introduced adaptive rate limiting, clean interfaces, a dedicated pipeline engine, and native SLSA provenance, vulnerability scanning, and...
Before You Migrate: Five Surprising Ingress-NGINX Behaviors You Need to Know
Kubernetes will retire the community‑maintained Ingress‑NGINX controller in March 2026, prompting users to migrate to alternatives such as Gateway API. The blog outlines five unexpected Ingress‑NGINX behaviors—case‑insensitive regex matching, global use‑regex impact, implicit regex from rewrite‑target, automatic trailing‑slash redirects, and URL...