Week Ending January 04, 2026

Developer News

Happy New Year! Welcome to another year of Kubernetes development. This year will bring us versions 1.36, 1.37, and 1.38. And what better way to start the year off than cleaning up your failing test jobs? Infra has reorganized the test dashboards to make failing jobs easier to find.

The Kubernetes Dashboard project is now archived and no longer being maintained. Users are encouraged to switch to Headlamp, which has been moved to the Kubernetes SIG-UI.

Release Schedule

Next Deadline: Release Cycle Starts, soon

The 1.36 Release Cycle will begin soon. In the meantime, if you want to join the Release Team, the Shadow Application is open.

Cherry-picks for the next patch releases are due this Friday.

Featured PRs

135777: Enable WatchCacheInitializationPostStartHook by default

This PR enables the WatchCacheInitializationPostStartHook by default in the apiserver, improving the reliability of watch cache initialization during startup. By ensuring the watch cache is properly initialized before the apiserver becomes ready, this change strengthens startup guarantees and reduces subtle race conditions affecting watch behavior.

Other Merges

• WatchFromStorageWithoutResourceVersion feature gate removed
• validation-gen to automatically skip validation generation for List objects
• Prevent nil pointer dereference in HandlePodUpdates
• Fix delayed ResourceClaim creation when ResourceClaimTemplate is created after the Pod
• Unit test flake fixes to DRA scheduler
• client-go tests to support List+Watch with ResourceVersion
• Fix for panic in kubectl exec when terminal size queue delegate is uninitialized
• SchedulerAsyncAPICalls feature gate disabled due to performance issues caused by API client throttling
• armon/circbuf replaced with k8s.io/utils/buffer
• kubeadm removed usage of deprecated flags --pod-infra-container-image, --experimental-initial-corrupt-check and --experimental-watch-progress-notify-interval
• WatchCacheInitializationPostStartHook turned on by default
• Ginkgo wrappers made optional in e2e framework
• SELinux warning controller to not emit events for completed pods
• Fix for flake in TestDeviceTaintRule test
• New utility cmd/genfeaturegates for summarizing feature gates
• Long standing issue where the filesystem size verification test was skipped or failing on Windows has been fixed
• kubeadm to not sort extraArgs alphanumerically
• Fix for dra_operations_duration_seconds metric recording inverted values for is_error label
• kubeadm added the --allow-deprecated-api flag to kubeadm config validate
• nomaps rule for Kube API Linter enabled
• Several apimachinery components updated to use informer.RunWithContext instead of the legacy Run method
• integers rule for Kube API Linter enabled
• Scheduling duration collector added to scheduler_perf
• client-go bearerAuthRoundTripper to concatenate strings instead of using fmt.Sprintf
• ImageLocality plugin to account ImageVolume images when scoring nodes for pod scheduling
• volumeattachment cleanup fixed when CSI's attachRequired switches from true to false

Promotions

• NodeLocalCRISocket to GA

Version Updates

• cAdvisor to v0.55.1

Subprojects and Dependency Updates

• CoreDNS v1.14.0 focuses on security hardening and operational reliability. The release introduces a regex length limit to reduce resource-exhaustion risks, fixes static analysis warnings, and improves plugin behavior across errors, file, kubernetes, metrics, azure, and sign. Notable updates include Kubernetes API rate limiting, clearer SOA handling, consolidated error reporting with the new show_first option, enhanced metrics with plugin chain tracking, and additional security fixes documented in the accompanying advisory.
• CRI-O v1.34.4 delivers a small but important patch update for the 1.34 release line. It fixes CPU affinity handling when CPU load balancing is disabled, ensures user-specified SELinux labels are respected for systemd and init containers, and updates release documentation related to artifact signing and bundles.
• CRI-O v1.33.8 continues maintenance for the 1.33 series with documentation updates to align with the new cosign bundle format and a fix to correctly respect user-defined SELinux labels in systemd and init containers.
• CRI-O v1.32.12 provides a documentation-focused patch release for the 1.32 branch, aligning release metadata with updated cosign bundle usage while keeping dependencies unchanged.
• Prometheus v3.9.1 fixes stability issues in the agent and scraping pipeline, including a crash shortly after startup caused by invalid object types and incorrect behavior of relabel keep/drop rules.
• Prometheus v3.9.0 marks a major milestone by promoting Native Histograms to stable. The release removes the experimental feature flag in favor of the scrape_native_histograms configuration option, adds new APIs and Promtool capabilities, introduces multiple TSDB, scraping, and UI enhancements, improves performance across PromQL and storage paths, and delivers a large set of correctness fixes in querying, remote read/write, histograms, and the web UI.

Shoutouts

• Drew Hagen -- Kubernetes v1.35 is live This has been a delightfully epic journey, cutting a new branch from the World Tree together. I’m incredibly proud of the party of heroes who made the Timbernetes release possible. Release Lead Shadows @Jenny Shu @Rajalakshmi Girish @Ryota @Dipesh Outstanding work. We truly could not have done this without you. You were the heart, engine, and connective tissue of this release. You took initiative, deeply tracked the details that mattered, and provided steady support to both me and the subteam leads. Your experience, judgment, and triage instincts consistently moved the release forward. It was a privilege to lead knowing you had my back. Enhancements :timber-needs-work: @rayandas @dchan @aibarbetta @Subhasmita @jmickey Coming into the cycle with a heavy workload from day one is no small challenge, and on top of that you took on the brand new responsibility of implementing the first PRR Freeze. You handled both with momentum and care. Thanks to your jumpstart and follow through, 60 new enhancements landed in this release, grounding Kubernetes as a strong, forward-looking infrastructure platform. Communications @Graziano Casto @chad @Aakanksha Bhende @Swathi Rao @Arujjwal I hadn’t previously worked in Release Comms, so I fully delegated this area and placed a lot of trust in your hands. That trust was very well placed. Working with you showed me how challenging it is to navigate the full breadth of enhancements, decide what truly stands out, and turn that into clear, coherent blogs and reviews. Thank you for coordinating across SIGs, keeping users front and center, and working closely with the CNCF to communicate this release thoughtfully. Release Signal :timber-green::timber-red::timber-purple: @ChengHao Yang (tico88612) @Amim Knabben @Ben Petersen @Keisuke Ishigami @adil @Prajyot Parab @Archie I’ve always admired the depth and rigor of Release Signal work. Digging into issues, extracting context from CI tests and logs, tracking history across GitHub, coordinating with SIGs on Slack, and stitching together many tools is serious craft. Knowing you were on point was deeply reassuring. I’m very proud of those of you I had the privilege to work with in v1.32, as well as the newcomers who joined along the way. Seeing you go even further, not only pitching improvements but making them real through building additional tooling like SignalHound to reduce toil, is genuinely impressive. I’m excited to see how Kubernetes CI continues to evolve. Docs @Urvashi @kernel-kun @yudocaa @anshuman @Khang Nguyen @Orlix From start to finish, you operated with remarkable consistency and ease. Docs demands steady effort, and you delivered at every step. From weekly branch syncs, to identifying user-impacting KEPs, to producing release notes after each branch cut, and coordinating reviews ahead of Docs Freeze, you moved through each milestone smoothly and calmly. Thanks to you, Kubernetes users are met with clarity and care. Branch Management @Angelos Kolaitis @Sreeram Venkitesh @dchan @Michelle Nguyen @elieser1101 Release Branch Management is still an evolving and sometimes opaque part of the release, which made it especially meaningful to see how willingly you stepped into it. It was clear how available and determined you were to work through the full sequence of cutting releases, even when that meant digging deep into logs, commands, and code. Troubleshooting tooling issues, identifying gaps, and getting each cut out took persistence and patience, sometimes late into the night. Your steady effort kept the release moving, and it did not go unnoticed. Leads Special thanks to @jimangel and @xmudrii for ongoing support. @xmudrii was consistently available and a joy to work with, bringing deep knowledge and a calm, easy-going presence that was exactly what you want when navigating a labyrinth like release branch management. I'd love to work with you more in the future. @Kat Cosgrove thank you for trusting me to lead this team and for helping assemble such an incredible group of people I could rely on. I truly could not have done this without them and without you. Even as 2025 brought transitions and high stakes that naturally brought me some nerves, you were consistently encouraging, empowering, and supportive. This is an experience I will look back on with deep gratitude for the rest of my life. Congratulations again on the Steering election. This is incredibly well deserved, and I’m excited to see the project grow with your guidance. A special thank-you to @justaugustus (is in Japan til 12/18) for your encouragement, coaching, mentorship, and for always having our backs. Every time I get to spend time with you, it’s genuinely a blast, and I come away having grown from your thoughtful, wise, and experienced perspective. Shoutout to @Vyom Yadav, @Nina Polshakova , @fsmunoz and @Angelos Kolaitis for your strong leadership by example, and for having fun with me along the way. A heartfelt thank-you to everyone here, and to the many others across SIGs and the community who supported, taught, reviewed, tested, nudged, and encouraged us along the way. This release is stronger because of you. I’ve been part of Release Team since v1.27, and I’ve grown a great deal since. There is still so much to learn, and thanks to the people, friendships, and shared care in this project, I’m excited to continue the journey. The energy I poured into this release, especially hand-drawing the v1.35 theme and logo, is dedicated to the heroes I see in each of you. Can’t wait to see you all around.
• ChengHao Yang -- Shoutout to @Amim Knabben @Archie @Ben Petersen @adil @Keisuke Ishigami @Prajyot Parab We appreciate your participation during this period. We tracked 55 flaky and failing tests, completed bug triage, and met every release cut's Go/No-Go deadline on time. I'm very fortunate to have such excellent team members involved. Thank you all again!