Kubernetes v1.36: Key Changes You Need to Know
Kubernetes v1.36 is set to arrive at the end of April 2026, and it’s crucial to be aware of the changes that could affect your production environments. With a focus on safety and security, the Kubernetes project is implementing a well-documented deprecation policy. This means that stable APIs can only be deprecated when a newer, stable version is available, and they have a minimum lifetime for each stability level. This structured approach helps you plan migrations effectively and avoid sudden disruptions.
Among the notable changes is the retirement of the externalIPs field in Service specifications. This deprecation means you’ll soon lose a straightforward method to route arbitrary external IPs to your services, with full removal planned for v1.43. Additionally, the gitRepo volume plugin, which has been deprecated since v1.11, will be permanently disabled in v1.36. This change emphasizes the need for alternative volume management strategies. On a positive note, Kubernetes v1.36 introduces SELinux volume mounting improvements, allowing for more efficient label application at mount time, which can enhance security posture.
In production, these changes require proactive planning. Make sure to audit your existing configurations for deprecated features like externalIPs and gitRepo. Prepare to transition to supported alternatives well before the removal dates to avoid service disruptions. The deprecation policy helps, but it’s on you to stay ahead of these changes and adapt your architecture accordingly.
Key takeaways
- →Understand the deprecation policy to manage API changes effectively.
- →Prepare for the removal of the externalIPs field by exploring alternative routing options.
- →Transition away from the gitRepo volume plugin as it will be permanently disabled.
- →Leverage the new SELinux volume mounting improvements for better security.
- →Stay informed about version updates to avoid unexpected disruptions.
Why it matters
These changes can significantly impact how you manage network routing and volume configurations in Kubernetes. Failing to adapt could lead to service outages or security vulnerabilities in your applications.
When NOT to use this
The official docs don't call out specific anti-patterns here. Use your judgment based on your scale and requirements.
Want the complete reference?
Read official docsUnified observability — logs, uptime monitoring, and on-call in one place. Used by 50,000+ engineering teams to ship faster and sleep better.
Try Better Stack free →Zero-Downtime Migration: From Ingress NGINX to Envoy Gateway
Migrating from Ingress NGINX to Envoy Gateway without downtime is crucial for maintaining service continuity. By leveraging weighted DNS records, you can run both systems simultaneously and control traffic flow seamlessly. This article breaks down the practical steps to achieve this migration effectively.
Mastering Ingress Request Tracing for Multi-Tenant SaaS on Kubernetes
In a multi-tenant SaaS environment, understanding request flows is crucial for maintaining performance and reliability. By implementing end-to-end ingress request tracing, you can track customer requests through your services using Trace IDs and Span IDs.
Building a Cloud Native Platform: Kairos, k0rdent, and bindy in Action
Creating a cloud native platform from scratch can be daunting. With Kairos, you get an immutable Linux distribution that boots from OCI images, ensuring consistency. Dive into how k0rdent and bindy enhance your Kubernetes management and DNS operations.
Get the daily digest
One email. 5 articles. Every morning.
No spam. Unsubscribe anytime.