Kubernetes 1.34 is now generally available, but most organizations aren't running it yet. No rush here, but it’s great to look ahead. The Kubernetes community and leading managed services, such as Google Kubernetes Engine (GKE), Amazon Elastic Kubernetes Service (EKS), Microsoft Azure Kubernetes Service (AKS), and the team here at Fairwinds, routinely recommend organizations maintain a stable posture, upgrading to N-1 or even N-2 versions, to ensure maturity, broad ecosystem compatibility, and a smoother upgrade experience. If your team is already preparing to move to Kubernetes 1.33, you are both industry-aligned and well-positioned to benefit from major advancements while also minimizing risk.
Why It’s Smart to Lag Behind the Latest Release
- Production Stability: Each new Kubernetes release introduces compelling features, but the earliest adopters also take on more risk with unidentified bugs, inevitable ecosystem lag, and likely integration issues. Most production-grade organizations, especially those supporting artificial intelligence (AI) and machine learning (ML) at scale, let the broader community test-drive a version before trusting it to reliably power their critical workloads.
- Cloud Provider Timelines: Managed Kubernetes providers (GKE, EKS, and AKS) generally conduct additional compatibility checks and integration testing, so it can take weeks or months to certify and roll out support for new versions. Running the latest upstream release is relatively rare in production settings.
- Ecosystem Updates: Supporting tools (service mesh, monitoring, security add-ons, storage, and CI/CD) need time to update for full compatibility and adopt new features, especially when core application programming interfaces (APIs), controllers, or resource behaviors change.
Kubernetes 1.34: Upgrade Highlights & Considerations
Kubernetes 1.34, codenamed Of Wind & Will (O' WaW), does not introduce any removals or critical API deprecations, making the upgrade process less disruptive for teams than some prior releases.
It does, however, include a lot of enhancements that we’ll be able to take advantage of in the coming months.
Major Features and Enhancements in Kubernetes 1.34
- Dynamic Resource Allocation (DRA) Stable: Now generally available, DRA provides a standardized workflow for just-in-time selection, allocation, and sharing of devices, including graphics processing units (GPUs), field-programmable gate arrays (FPGAs), and network interface cards (NICs), via ResourceClaim-based scheduling. By enabling multi-pod device sharing and tracking consumable device capacity, DRA significantly boosts cluster utilization and helps minimize hardware spending for AI and ML workloads.
- Production-Ready Kubelet and API Server Tracing: OpenTelemetry-powered distributed tracing for both the kubelet (the node agent) and the Kubernetes API server provides deep, end-to-end visibility across the kubernetes infrastructure. This enables better debugging, faster root cause analysis, easier latency and performance troubleshooting, and most importantly unifying node and control-plane event tracing.
- VolumeAttributesClass Is Stable: Clusters can now use the VolumeAttributesClass API to generically modify volume parameters, such as input/output operations per second (IOPS), on the fly (if supported by the Container Storage Interface (CSI) driver). This can significantly reduce advance planning and operational friction for AI/ML project teams and enable teams to balance cost and performance in real time.
- Structured Authentication Configuration: Managing API server client authentication is now easier, with a stable configuration file format supporting multiple JavaScript Web Token (JWT) authenticators, Common Expression Language (CEL) validation, dynamic reloads, improving auditability and management.
- CEL Mutating Admission Policies (Alpha): Express custom mutating admission logic directly in the Kubernetes API server using CEL, which drastically reduces the need for operationally heavy external webhooks and streamlines complex admission scenarios.
- Finer-Grained Authorization by Selector: Kubernetes authorizers, such as webhook and node authorizers, now support field and label selectors in authorization policies. This enables least-privilege access controls for batch requests such as list, watch, or deletecollection, ideal for custom multi-tenant or high-security clusters.
- Pod Authentication via Mutual Transport Layer Security (mTLS) (Alpha): Pods can now authenticate to the Kubernetes API server using built-in mTLS certificates, improving security and paving the way for more secure, composable service architectures.
- Relaxed Domain Name System (DNS) Search String Validation: Kubernetes now supports more flexible DNS configurations, accommodating real-world and legacy setups that previously ran into strict validation roadblocks with uncommon patterns.
Scheduler, Observability, and Performance
- Asynchronous Scheduler API Calls (Beta): The Kubernetes scheduler improves throughput and reduces latency by performing more API calls asynchronously, resulting in more responsive resource allocation and better integration with cluster observability.
- NominatedNodeName for Pod Placement (Alpha): Unscheduled pods now expose the node they are likely to be scheduled on through the NominatedNodeName field, helping teams anticipate resource bottlenecks and employ predictive dashboards or scheduling alerts.
Usability, DevOps, and Day-2 Operations
- New Container Restart Rules: Developers can customize restart logic for containers, tailoring how Kubernetes responds to crashes or termination for improved application resilience.
- Ordered Namespace Deletion and Streaming List Responses: Kubernetes now assures that namespace deletion occurs in a predictable order, and encoded streaming of list API responses increases reliability in large-scale clusters.
- Kubernetes YAML (KYAML) (Alpha): KYAML, a Kubernetes-focused YAML format, debuts to provide safer, more predictable manifest rendering and reduce configuration errors, with kubectl preview support for resource definition.
Preparing for Kubernetes 1.34
- Update accounting to policy: Make sure your team has a policy regarding upgrade cadence and have a standard plan that works through the upgrade items.
- Test Dynamic Resource Allocation (DRA) and VolumeAttributesClass: Validate new scheduling and runtime volume attribute modifications in a non-production environment, especially for AI and ML workloads.
- Adopt Observability Features: Incorporate new tracing and asynchronous scheduler APIs into observability workflows.
- Pilot KYAML Early: Start linting and previewing manifests for improved configuration hygiene. To preview objects in Kubernetes YAML (KYAML) before upgrading, use kubectl version 1.34 (supported for clusters running version 1.32 and up). Enable it with the environment variable KUBECTL_KYAML=true, then run commands such as kubectl get deployment <name-of-deploy> -o kyaml to see current cluster objects in the KYAML format. This helps validate configuration safety and reduces risk by surfacing problems ahead of migration.
- Update your tools: Tools that communicate or deploy to your cluster may need to be updated in order to use the newly released features.
- Update Authorization and Authentication: Review and adapt cluster policies to make effective use of field selector-based rules and structured authentication configs.
- Track Feature Promotions: Keep up with features that graduate from alpha or beta as they become certified stable, and plan your adoption accordingly.
For the complete list of features and in-depth upgrade guidance, refer to the Kubernetes 1.34 Release Notes & Tracker.
Not sure how to decide when to upgrade or how to implement an upgrade successfully? Fairwinds Managed Kubernetes-as-a-Service builds and maintains secure, resilient Kubernetes infrastructure so you can focus on your applications and services.