Carlos Santana’s Post

Perfect timing! 🎯 This Kubernetes v1.35 sneak peek comes in handy as I'll be speaking with many Amazon EKS customers next week at AWS re:Invent The upcoming Kubernetes v1.35 release (planned for December 17, 2025) brings several exciting enhancements that EKS users should know about: 🔧 Featured Enhancements: Node Declared Features (Alpha) - Nodes can now explicitly declare their supported Kubernetes features through a new .status.declaredFeatures field. This solves version skew scheduling issues during cluster upgrades, reducing manual node labeling and preventing incompatible pod placements. In-Place Update of Pod Resources (→ GA) - Adjust CPU and memory resources without restarting Pods or containers. This graduated from alpha (v1.27) → beta (v1.33) → and is now targeting GA in v1.35, enabling smoother vertical scaling with zero disruption. Pod Certificates (Alpha → Beta) - Native workload identity with short-lived certificates mounted via projected volumes. No more relying solely on external projects like SPIFFE/SPIRE for mTLS-based pod-to-pod authentication. Numeric Values for Taints - New comparison operators (Gt, Lt) enable SLA-based scheduling. Pods can now tolerate nodes meeting numeric thresholds, with automatic eviction if values drop below requirements. User Namespaces (Continued Beta) - Dynamically remap container root (UID 0) to unprivileged host UIDs, drastically reducing the attack surface for container breakout vulnerabilities. OCI Image Volumes (Beta → Default) - Mount OCI artifacts directly as volumes, perfect for distributing data, binaries, or ML models without bundling them into container images. ⚠️ Important Deprecations: • cgroup v1 support removed (migrate to cgroup v2) • kube-proxy ipvs mode deprecated (use nftables) • containerd v1.x support ends (upgrade to 2.0+) Looking forward to discussing how these changes impact EKS deployments and cloud-native architectures at re:Invent! #Kubernetes #K8s #AWS #reInvent #AmazonEKS #CloudNative #CNCF #EKS