Another Growth Ring on the World Tree – Kubernetes v1.35 "Timbernetes"

December 18, 2025

Kubernetes continues to grow, release by release, and with v1.35, another strong growth ring is added to the project’s ever-evolving “World Tree.”

Closing out 2025, Kubernetes v1.35 (codenamed Timbernetes) reflects the maturity, resilience, and steady innovation of the ecosystem. Inspired by Yggdrasil, the mythological world tree, this release highlights how Kubernetes is shaped by a global community that carefully prunes old APIs, strengthens core foundations, and introduces new capabilities to meet modern workload demands.

Let’s explore what’s new.

Kubernetes v1.35 includes 60 enhancements in total, specifically:

17 features graduating to Stable (GA)
19 features promoted to Beta
22 new Alpha features

As always, the release also introduces important deprecations and removals that platform teams should review before upgrading.

Highlights from project members

In this blog post, we asked three of our engineers who are extensively involved in the Kubernetes project to share their key highlights. For a complete overview of all changes, we recommend checking out the official release announcement and the 1.35 changelog.

“The OCI image volume source is now enabled by default in Kubernetes 1.35 as it continues its path to graduation in upcoming releases, simplifying how teams manage data-intensive workloads like AI and machine learning. By allowing Pods to mount OCI artifacts and images directly as volumes, you can decouple machine learning models from your application code instead of baking them into a single, bloated runtime image. This significantly reduces image sizes and removes the need for the complex init containers or custom scripts previously required to fetch data at startup.”.
— Marko Mudrinić is Tech Lead of SIG K8s Infra, a CNCF Ambassador, and Kubernetes Release Engineering Subproject Lead

“Kubernetes 1.35 just made life a lot easier with in-place Pod resource updates now hitting General Availability. You can finally tweak CPU and memory for your running Pods without a restart, which is huge not only for people running AI/MLOps workloads/batch jobs but also for anyone dealing with stateful apps (e.g., databases) that really don’t like being interrupted. Before this, changing resources meant recreating Pods, which was error-prone and could mess up your workloads at the worst possible times.”
— Koray Oksay is a CNCF Ambassador, Kubeastronaut, and part of SIG K8s Infra

“The new Kubernetes Release is again a big win for everyone running AI or HPC jobs. introducing native gang scheduling that ensures your Pods launch together or not at all. This finally solves the headache of partial deployments, meaning you won’t get stuck with deadlocked jobs that sit there wasting your cluster’s expensive resources. It’s a much-needed upgrade that makes orchestrating complex, heavy workloads way more efficient and reliable.”
— Mario Fahlandt is a Co-Chair of SIG ContribEx, also part of SIG K8s Infra, and a CNCF Ambassador

Beyond these highlights, v1.35 offers other improvements, including

Beta: Native Pod certificates for workload identity

Kubernetes v1.35 introduces native workload identity using Pod certificates, significantly reducing the need for external controllers, sidecars, or custom CRDs.

Key improvements include:

Certificates requested and issued by the kubelet
Automatic rotation handled natively
Certificates mounted directly into the Pod filesystem
No bearer tokens required in the issuance path

This feature simplifies mTLS, zero-trust architectures, and service mesh integrations, while reducing operational complexity and security risks.

It is tracked under KEP-4317 and led by SIG Auth.

Alpha: Node-declared features before scheduling

To improve safety during upgrades and mixed-version environments, Kubernetes v1.35 introduces an alpha framework for node-declared features.

Nodes can now explicitly report supported Kubernetes features through a new .status.declaredFeatures field. This allows:

Smarter scheduling decisions
Admission-time validation
Better handling of feature skew between control plane and nodes

This work is part of KEP-5328, led by SIG Node.

Deprecations and API removals

Kubernetes v1.35 continues to prune legacy APIs and remove features no longer aligned with modern workloads. Key changes include:

cgroup v1 removed: Nodes must support cgroup v2.
Ingress NGINX enters maintenance: Transition to the Gateway API is recommended.
kube-proxy ipvs mode deprecated: nftables is the long-term replacement.
API cleanups: Several old beta/deprecated APIs have been removed.

Platform teams are strongly encouraged to review the v1.35 changelog.