GKE release notes

This page documents production updates to Google Kubernetes Engine (GKE). You canperiodically check this page for announcements about new or updated features,bug fixes, known issues, and deprecated functionality.

This page includes release notes for allchannelsand releases.

Current versions

The following table lists the current versions for eachreleasechannel. To learn more aboutthe designations in this table, seeWhat versions are available in achannel.For general information on versioning and upgrades, seeGKEversioning and support andAboutGKE cluster upgrades.

GKE Release ChannelRapidRegularStableExtendedNo Channel (Static)
Available minor versions1.32 to 1.351.32 to 1.351.32 to 1.341.30 to 1.351.32 to 1.35
Recommended auto-upgrade target1.35.0-gke.27450031.33.5-gke.23260001.33.5-gke.21720011.30.14-gke.19730001.33.5-gke.2172001
Auto-upgrade targets
  • 1.32.11-gke.1264000
  • 1.33.5-gke.2469000
  • 1.34.3-gke.1444000
  • 1.35.0-gke.2745003
  • 1.32.11-gke.1174000
  • 1.33.5-gke.2326000
  • 1.34.3-gke.1245000
  • 1.35.0-gke.2232003
  • 1.32.11-gke.1038000
  • 1.33.5-gke.2172001
  • 1.34.3-gke.1051003
  • 1.30.14-gke.1973000
  • 1.31.14-gke.1319000
  • 1.32.11-gke.1174000
  • 1.33.5-gke.2326000
  • 1.34.3-gke.1245000
  • 1.35.0-gke.2232003
  • 1.32.11-gke.1174000
  • 1.33.5-gke.2172001
  • 1.34.3-gke.1245000
  • 1.35.0-gke.2232003
Default patch version for cluster creation1.35.0-gke.27450031.34.3-gke.12450001.33.5-gke.21720011.34.3-gke.12450001.34.3-gke.1245000
COS version of default patch versioncos-125-19216-104-126cos-125-19216-104-45cos-121-18867-294-38cos-125-19216-104-45cos-125-19216-104-45

For information on the current minor versions rollout and support schedule, seetheGKE releaseschedule. To find all the patchversions available in a channel,check available and defaultversions.

This table also lists the Container-Optimized OS version that correspondsto the channel's default patch version. To upgrade a cluster to a specific imageversion, seeMap Container-Optimized OS node image versions toGKE patchversions.

Other resources

For more detailed information about security-related known issues, see thesecurity bulletin page.

To view release notes for versions prior to 2020, see theRelease notes archive.

You can see the latest product updates for all of Google Cloud on the Google Cloud page, browse and filter all release notes in theGoogle Cloud console, or programmatically access release notes inBigQuery.

To get the latest product updates delivered to you, add the URL of this page to yourfeed reader, or add thefeed URL directly.

February 19, 2026

Change

(2026-R7) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2026-R7) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.30.14-gke.2071000cos-113-18244-582-2cos-113-18244-582-2 release notes
1.31.14-gke.1423000cos-117-18613-439-120cos-117-18613-439-120 release notes

February 18, 2026

Security

Multiple security vulnerabilities have been identified in the OpenSSL library.The most significant finding is CVE-2025-15467, a critical vulnerability thatmight allow for remote code execution (RCE) or denial of service (DoS) attacksvia network-based vectors.For more information, see theGCP-2026-006 security bulletin.

February 17, 2026

Deprecated

Control of MCP use with organization policies is deprecated. After March 17,2026, organization policies that use thegcp.managed.allowedMCPServicesconstraint won't work, and you can control MCP use with IAM deny policies. Formore information about controlling MCP use, seeControl MCP use with IAM.

Change

After March 17, 2026, when you enable GKE, the GKEMCP server is automatically enabled.

February 13, 2026

Feature

You can now determine the status and health of a TPU slice and partition by monitoring these new beta system metrics:

  • kubernetes.io/accelerator/slice/state: Indicates the current status of the slice.
  • kubernetes.io/accelerator/partition/state: Indicates the health of the partition.

For more information, see theGKE system metrics documentation.

February 11, 2026

Change

(2026-R6) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.5-gke.2118001 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.32.9-gke.1728000
    • 1.33.5-gke.2100001
  • Clusters in this channel running the listed minor version have new general auto-upgrade targets. GKE can upgrade control planes and nodes to the following new versions with this release:

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2026-R6) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.32.11-gke.1264000cos-117-18613-439-108cos-117-18613-439-108 release notes
1.34.3-gke.1444000cos-125-19216-104-133cos-125-19216-104-133 release notes
1.35.0-gke.2232000cos-125-19216-104-45cos-125-19216-104-45 release notes
1.35.0-gke.2398000cos-125-19216-104-126cos-125-19216-104-126 release notes

February 05, 2026

Feature

Image streaming is now available in theasia-southeast3 region. For more information,see theImage streaming documentation.

February 04, 2026

Change

(2026-R5) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.34.3-gke.1051003 is now the default version for cluster creation in the Regular channel.
  • Version1.33.5-gke.2228001 is now available in the Regular channel.
  • The following versions are no longer available in the Regular channel:
    • 1.32.9-gke.1734000
    • 1.33.5-gke.2118001
    • 1.34.1-gke.3971002
  • Clusters in this channel running the listed minor version have new general auto-upgrade targets. GKE can upgrade control planes and nodes to the following new versions with this release:

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.5-gke.2100001 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.32.9-gke.1711000
    • 1.33.5-gke.2072001
  • Clusters in this channel running the listed minor version have new general auto-upgrade targets. GKE can upgrade control planes and nodes to the following new versions with this release:

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2026-R5) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.30.14-gke.1991000cos-113-18244-521-88cos-113-18244-521-88 release notes
1.31.14-gke.1336000cos-117-18613-439-108cos-117-18613-439-108 release notes
1.33.5-gke.2392000cos-121-18867-294-100cos-121-18867-294-100 release notes
1.34.3-gke.1318000cos-125-19216-104-126cos-125-19216-104-126 release notes
1.35.0-gke.2398000cos-125-19216-104-126cos-125-19216-104-126 release notes

February 03, 2026

Feature

Image streaming and secondary boot disks are now generally available (GA) fornodes using the Ubuntu with containerd (UBUNTU_CONTAINERD) image type. Thesefeatures improve workload startup performance on GKE Standard and Autopilot clustersthrough image data streaming and preloaded disk data. To use these features onUbuntu nodes, your cluster must be running GKE version 1.35.0-gke.1403000 or later.

For more information, see the documentation forImage StreamingandUsing Secondary Boot Disks.

January 29, 2026

Change

(2026-R4) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2026-R4) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.29.15-gke.2725000cos-113-18244-521-74cos-113-18244-521-74 release notes
1.30.14-gke.1973000cos-113-18244-521-74cos-113-18244-521-74 release notes
1.31.14-gke.1319000cos-117-18613-439-92cos-117-18613-439-92 release notes
1.35.0-gke.2180000cos-125-19216-104-45cos-125-19216-104-45 release notes

January 27, 2026

Feature

Stream Control Transmission Protocol (SCTP) support on GKE Dataplane V2 is nowgenerally available (GA). You can now deploy workloads that use SCTP onGKE Standard clusters. This feature enables direct SCTPcommunication for Pod-to-Pod and Pod-to-Service traffic.

SCTP support requires clusters to use GKE Dataplane V2 and Ubuntu node images.This feature is available in GKE version 1.32.2-gke.1297000 orlater.

For more information, seeDeploy workloads withSCTP.

January 26, 2026

Feature

TheN4A machineseriesis generally available for GKE clusters in Autopilot andStandard modes. For more information, seeArm workloads onGKE.

January 21, 2026

Change

(2026-R3) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.5-gke.2019000 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.31.14-gke.1081000
    • 1.31.14-gke.1114000
    • 1.32.9-gke.1632000
    • 1.33.5-gke.1956000
  • Clusters in this channel running the listed minor version have new general auto-upgrade targets. GKE can upgrade control planes and nodes to the following new versions with this release:

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2026-R3) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.29.15-gke.2680000cos-113-18244-521-56cos-113-18244-521-56 release notes
1.30.14-gke.1922000cos-113-18244-521-56cos-113-18244-521-56 release notes
1.31.14-gke.1243000cos-117-18613-439-81cos-117-18613-439-81 release notes
1.32.11-gke.1075000cos-117-18613-439-81cos-117-18613-439-81 release notes
1.35.0-gke.1795000cos-125-19216-104-45cos-125-19216-104-45 release notes

Feature

You can now determine which Kubernetes JobSets are scheduled on whichGKE node pools and nodes by monitoring the new generallyavailable system metrics:

  • kubernetes.io/jobset/assigned_node_pools: GKE node poolswhere a Kubernetes JobSet has scheduled Pods.
  • kubernetes.io/jobset/assigned_nodes: GKE nodes where aKubernetes JobSet has scheduled Pods.
  • kubernetes.io/node_pool/assigned_jobsets: Kubernetes JobSets that havescheduled Pods on a GKE node pool.
  • kubernetes.io/node/assigned_jobsets: Kubernetes JobSets that havescheduled Pods on a GKE node.

January 20, 2026

Feature

Theasia-southeast3 region in Bangkok, Thailand is available. For moreinformation, see theGlobal Locations.

Issue

In some GKE versions earlier than 1.34.0-gke.2011000, using theCloud Storage FUSE CSI driver with streaming writes enabled might cause filewrites to fail with an Input/Output error on the application side accompanied by503 errors in the gke-gcsfuse-sidecar logs. This issue occurs when streamingwrites are enabled, and is caused by stalls during write operations. Streamingwrites are enabled by default in GKE versions 1.33.2-gke.4655000and later.

To work around this limitation, you can perform one of the following actions:

  • Upgrade your cluster to GKE version 1.34.1-gke.3849001 orlater.
  • If you can't upgrade your cluster, disable streaming writes by passing the--enable-streaming-writes=false orwrite:enable-streaming-writes:falseflags when youconfigure mountoptionsfor Cloud Storage FUSE CSI driver. These flags only prevent error reliablywhen staging writes use fast media types such as SSD or tmpfs. tmpfs isspecified using--temp-dir orfile-system:temp-dir flags when youconfigure mount options.

January 15, 2026

Change

(2026-R2) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2026-R2) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.35.0-gke.1624000cos-125-19216-104-45cos-125-19216-104-45 release notes

January 07, 2026

Change

(2026-R1) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2026-R1) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.35.0-gke.1403000cos-125-19216-104-45cos-125-19216-104-45 release notes

Feature

NodeLocal DNSCache is enabled by default on new StandardGKE clusters which are created running version 1.34.1-gke.3720000or later. NodeLocal DNSCache is a GKE add-on that improves DNSperformance by running a DNS cache directly on each cluster node as a DaemonSet.To learn more, seeSet up NodeLocalDNSCache.

January 06, 2026

Fixed

A fix is available for theDecember 16, 2025 issue in whichAutopilot nodes enter into a state where new system Pods and user Pods areunable to run due to NRI RunPodSandbox failures. For more details, includinginstructions on how to confirm if you're affected by this, seePods unable torun on a Node due to NRI RunPodSandbox failed.

The fix is available with GKE version 1.34.1-gke.3899000 andlater.

January 05, 2026

Change

(2025-R54) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

There are no new releases in the Stable channel.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2025-R54) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.35.0-gke.1340000cos-125-19216-104-45cos-125-19216-104-45 release notes

December 29, 2025

Change

(2025-R53) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

There are no new releases in the Stable channel.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Announcement

Kubernetes 1.35 is now available in the Rapid channel

Kubernetes 1.35 is now available in the Rapid channel. For more information about the content of Kubernetes 1.35, read theKubernetes 1.35 Release Notes and Kubernetes1.35 Release Blog.

Deprecated

Deprecated in 1.35

  • ThePreferClose value for aKubernetes Service'strafficDistribution field is now deprecated in favor of the more explicitPreferSameZone.

Removed in 1.35

  • Kubernetes hasdeprecated cgroup v1 support.
  • GKE is removing cgroup v1 support in 1.35. If you have specifically configured your node pools to use cgroup v1 then upgrades will be blocked until you configure cgroup v2. To migrate to cgroup v2, seeMigrate to cgroup v2.
Feature

New features in 1.35

  • In-place Pod Resize:In-place Pod Resize is now GA. This feature allows Pod CPU and memory requests and limits to be modified in-place without Pod or container restart.
  • Writable cgroups: GKEWritable cgroups for containers is now GA. This feature allows workloads to manage resources for child processes using the Linux cgroups API, improving reliability for applications likeRay.
Change

Other changes in 1.35

  • Windows containerd 2.1: GKE Windows nodes will use containerd 2.1 in 1.35, upgraded from containerd 1.7 in GKE 1.34. Clusters containing Windows nodes will have auto-upgrades to 1.35 delayed until 1.34 EOL due to possible compatibility issues introduced in containerd 2.0. Check if you're using deprecated containerd features removed in 2.0 and migrate off of them, seeMigrate nodes to containerd 2. After all deprecated features are removed, manually upgrade your cluster to 1.35.

December 19, 2025

Feature

Rollout sequencing with custom stages is now available in Preview. This featureoffers granular control over upgrading groups of clusters within a fleet,allowing you to progressively roll out GKE versions across environments. Formore information seeAbout rollout sequencing with custom stages.

December 18, 2025

Change

(2025-R52) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

There are no new releases in the Regular channel.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

There are no new releases in the Stable channel.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2025-R52) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.34.1-gke.3759000cos-125-19216-104-45cos-125-19216-104-45 release notes

Change

GKE Standard clusters enrolled in the Regular channel nowsupport Autopilot features. Autopilot features include the container-optimizedcompute platform and fully managed nodes, letting you use Autopilot'sadvantages without migrating to a dedicated Autopilot cluster.

To use Autopilot features in Standard clusters, use either of thefollowing configurations:

  • Enroll a cluster in the Regular channel with GKE version 1.34.1-gke.1829001or later.
  • Enroll a cluster in the Rapid channel with GKE version 1.33.1-gke.1107000or later.

For more information, seeRun workloads in Autopilot mode in Standard clusters.

December 16, 2025

Issue

In rare cases, a cluster control plane upgrade can cause an Autopilot node toenter into a state in which new system and user Pods are unable to run, whichthen causes issues such as broken Pod networking. GKE isregularly detecting this issue, and when possible GKEis mitigating new occurrences of this issue. For more details, seePods unable to run on a Node due to NRI RunPodSandbox failed,and to mitigate this issue yourself, follow the procedure in the sectionConsistently unreliable workload performance on a specific node.

December 15, 2025

Feature

GKE Autopilot now supports N4A machine types inPublic Preview, available on clusters runningversion 1.34.1-gke.3403001 or later.

December 10, 2025

Change

(2025-R51) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

There are no new releases in the Stable channel.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2025-R51) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.28.15-gke.3225000cos-113-18244-521-39cos-113-18244-521-39 release notes
1.29.15-gke.2553000cos-113-18244-521-39cos-113-18244-521-39 release notes
1.30.14-gke.1794000cos-113-18244-521-39cos-113-18244-521-39 release notes
1.31.14-gke.1081000cos-117-18613-439-45cos-117-18613-439-45 release notes
1.32.9-gke.1632000cos-117-18613-439-45cos-117-18613-439-45 release notes
1.33.5-gke.1956000cos-121-18867-294-38cos-121-18867-294-38 release notes
1.34.1-gke.3556000cos-125-19216-104-39cos-125-19216-104-39 release notes

Feature

In GKE version 1.34.1-gke.2541000 and later, you can specifysecure tags for firewalls in thespec.nodePoolConfig.resourceManagerTags fieldin ComputeClasses. GKE adds those secure tags to the nodes thatGKE creates for that ComputeClass, so that you can targetnodes by using these tags in firewall policies. For more information, seeSelectively enforce firewall policies in GKE.

December 08, 2025

Fixed

TheOctober 14, 2025issue in which MountVolume calls for network file system (NFS) volumes mightfail is fixed for GKE versions 1.34.1-gke.2877000 and later.

December 05, 2025

Change

(2025-R50) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.34.1-gke.3355001 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.31.14-gke.1033000
    • 1.32.9-gke.1575000
    • 1.33.5-gke.1350000
    • 1.33.5-gke.1521000
    • 1.33.5-gke.1697000
    • 1.33.5-gke.1791000
    • 1.34.1-gke.2037001
    • 1.34.1-gke.2037002
    • 1.34.1-gke.2541000
    • 1.34.1-gke.2909000
    • 1.34.1-gke.2980000
    • 1.34.1-gke.3084001
    • 1.34.1-gke.3225000
    • 1.34.1-gke.3355000
  • Clusters in this channel running the listed minor version have new general auto-upgrade targets. GKE can upgrade control planes and nodes to the following new versions with this release:

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

December 03, 2025

Feature

GKE Inference Gateway is generally available (GA) and ready for productionworkloads. This release introduces major performance, security, and usabilityenhancements since the Public Preview.

  • Stable v1 API: The API has graduated to v1. TheInferenceModel resourceis replaced by theInferenceObjective resource for a clearer definition ofserving goals. A zero-downtime migration path is available.
  • Prefix-Aware Routing: A new, intelligent routing feature inspects requestcontext and routes requests with shared prefixes (like in conversational AI)to the same model replica. This can maximize KV cache hits and improveTime-to-First-Token (TTFT) latency by up to 96%.
  • API Key Authentication: Secure your endpoints by enforcing API keyvalidation through a new integration with Apigee.
  • Body-Based Routing: The gateway can route requests using the modelfield directly from the HTTP request body, which enables nativecompatibility with the OpenAI API specification.

For more information seeAbout GKE Inference GatewayandDeploy GKE Inference Gateway.

Issue

Starting with version 1.33.2-gke.4655000, the GCSFuse CSI Driver automaticallyapplies performance-tuning defaults for Cloud Storage FUSE volumes used on nodeswithhigh-performance machine types.However, in GKE versions 1.34.1-gke.1431000 to 1.34.1-gke.3403001, thesedefaults are not being applied. This is due to an issue where GCSFuse failsto recognize the machine type from the configuration file provided by theGCSFuse CSI Driver.

To apply the performance defaults, explicitly set the machine-type as agcsfuse mount option. Use the command-line flag format, with the key andvalue separated by an equals sign (=).

For example:machine-type=n2-standard-4

Ensure the Pod using the GCSFuse volume is scheduled on a node that matchesthe specified machine type. These settings are optimized for high-performancemachine types and might not be suitable for other node types. For moreinformation on scheduling, see the Kubernetes documentation onassigning Pods to Nodes.

November 28, 2025

Change

(2025-R49) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

There are no new releases in the Stable channel.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2025-R49) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.28.15-gke.3188000cos-113-18244-521-23cos-113-18244-521-23 release notes
1.29.15-gke.2505000cos-113-18244-521-23cos-113-18244-521-23 release notes
1.30.14-gke.1746000cos-113-18244-521-23cos-113-18244-521-23 release notes
1.31.14-gke.1033000cos-117-18613-439-28cos-117-18613-439-28 release notes
1.34.1-gke.1829001cos-125-19216-0-94cos-125-19216-0-94 release notes
1.34.1-gke.2541000cos-125-19216-0-115cos-125-19216-0-115 release notes
1.34.1-gke.3355000cos-125-19216-104-32cos-125-19216-104-32 release notes

November 27, 2025

Feature

TPU7x (Ironwood), Google's seventh-generation TPU for large-scale AI workloads,is available inPreview in GKEStandard clusters that run version 1.34.0-gke.2201000 and later, and inAutopilot clusters that run version 1.34.1-gke.3084001 and later.TPU7x offers a significant performance increase compared to previousgenerations, with 2307 TFLOPs of BF16 performance and 192 GB ofhigh-bandwidth memory (HBM) per chip. For more information, seeGet started with Ironwood (TPU7x).

November 24, 2025

Feature

Fast-starting nodes are now generally available. GKE provisionsfast-starting nodes on a best-effort basis in Autopilot when workloadsuse compatible configurations. For more information, seeAbout quicker workload startup with fast-starting nodes.

November 21, 2025

Issue

In GKE versions 1.34.1-gke.2037001 and 1.34.1-gke.2541000, Armnodes that use an Ubuntu node image might incorrectly use an image with a64 KB page size instead of the default 4 KB page size. Avoid usingversion 1.34.1-gke.2037001 and 1.34.1-gke.2541000 for your Ubuntu Arm nodes.

Issue

GKE versions earlier than 1.32 don't supportdirect NFS volume mountsto NFS volumes that exclusively use an NFS protocol greater thanNFSv4.0.

When using direct NFS volume mounts, Pods on GKE node versionsearlier than 1.32 might fail to mount NFS volumes that are configured to onlysupport protocols greater thanNFSv4.0 (such asNFSv4.1 orNFSv4.2). Thisissue occurs because thecontainerized_mounter on these earlierGKE versions uses version1.2.8 of thenfs-utils package,which doesn't supportNFSv4 minor versions. As a result, the mount processfails with themount.nfs: access denied by server error message.

This issue doesn't affect GKE version 1.32 and later, whichinclude an updated version of thenfs-utils package. To resolve this issue,try one of the following options:

  • Upgrade clusters to GKE version 1.32 or later.
  • Configure the NFS volume to support both theNFSv3 andNFSv4 protocols,which allows the mount to succeed by falling back to a compatible version.
  • Use a PersistentVolume and PersistentVolumeClaim to mount the NFS volume,which allows for explicit NFS version specification.

November 20, 2025

Change

(2025-R48) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

There are no new releases in the Stable channel.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2025-R48) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.28.15-gke.3163000cos-113-18244-521-16cos-113-18244-521-16 release notes
1.29.15-gke.2467000cos-113-18244-521-16cos-113-18244-521-16 release notes
1.30.14-gke.1719000cos-113-18244-521-16cos-113-18244-521-16 release notes
1.31.13-gke.1454000cos-117-18613-439-22cos-117-18613-439-22 release notes
1.32.9-gke.1548000cos-117-18613-439-22cos-117-18613-439-22 release notes
1.33.5-gke.1791000cos-121-18867-294-17cos-121-18867-294-17 release notes
1.34.1-gke.2980000cos-125-19216-0-115cos-125-19216-0-115 release notes

November 17, 2025

Feature

NVIDIA recommends that Kubernetes clusters enable Coherent Driver-Based MemoryManagement (CDMM) to resolve memory over-reporting. CDMM is enabled by defaulton A4X nodes running the R580 GPU driver in GKE clusters with thefollowing versions:

  • 1.33 or later: 1.33.4-gke.1036000 or later
  • 1.32: 1.32.8-gke.1108000 or later

CDMM allows GPU memory to be managed through the driver instead of the operatingsystem (OS), avoiding OS onlining of GPU memory, and exposing the GPU memory asa Non-Uniform Memory Access (NUMA) node to the OS.

For more information about CDMM, seeHardware and Software Support.To create GKE clusters with A4X, see the following documents:

November 14, 2025

Change

(2025-R47) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

There are no new releases in the Stable channel.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2025-R47) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.34.1-gke.2037002cos-125-19216-0-94cos-125-19216-0-94 release notes
1.34.1-gke.2909000cos-125-19216-0-115cos-125-19216-0-115 release notes

November 11, 2025

Feature

The N4D machine family is now Generally Available (GA) forStandard and Autopilot mode. N4D instances are powered by thefifth generation AMD EPYC SP5 processors (Turin). The N4D machine series isavailable as follows:

  • Cluster autoscaler, node pool auto-creation, and Autopilot mode:GKE version 1.34.1-gke.2037000 and later.
  • Manually created node pools in Standard mode: all availableGKE versions.

For more information, seeN4D machine series.

November 07, 2025

Change

(2025-R46) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2025-R46) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.28.15-gke.2966000cos-113-18244-521-7cos-113-18244-521-7 release notes
1.29.15-gke.2236000cos-113-18244-448-79cos-113-18244-448-79 release notes
1.30.14-gke.1525000cos-113-18244-521-7cos-113-18244-521-7 release notes
1.31.13-gke.1231000cos-117-18613-439-9cos-117-18613-439-9 release notes
1.32.9-gke.1330000cos-117-18613-439-9cos-117-18613-439-9 release notes
1.33.5-gke.1521000cos-121-18867-294-2cos-121-18867-294-2 release notes
1.34.1-gke.2037001cos-125-19216-0-94cos-125-19216-0-94 release notes
1.34.1-gke.2541000cos-125-19216-0-115cos-125-19216-0-115 release notes

Feature

In GKE version 1.34.1-gke.2037001 and later, theGKE logging agent in your clusters can process logs up to twotimes faster per node than in version 1.33 and earlier. The logging agent alsouses less node resources, which improves efficiency especially if you usehigh-throughput logging.These improvements to the logging agent are automatically enabled in version1.34.1-gke.2037001 and later.

Feature

In version 1.34.1-gke.1829001 and later, GKE canauto-create multiplenode pools concurrently to improve the speed with which multiple new node poolsbecome ready.

Feature

In GKE version 1.35 and later, GKE rejectsanonymous requests to cluster endpoints (except for thelivez,/healthz, and/readyz health check endpoints) by default for all new Autopilot orStandard clusters. Existing clusters aren't affected by this change. Toallow anonymous requests to cluster endpoints, explicitly specify a value ofENABLED in the--anonymous-authentication-config flag or theAnonymousAuthenticationConfig.mode API field. For more information, seeRestrict anonymous access to cluster endpoints.

October 31, 2025

Feature

The Multi-Cluster Services (MCS) feature has been updated with a finalizer tomore effectively prevent potential resource leaks and ensure a full cleanupduring the feature's disablement process. As a result of this improvement, thedisablement procedure has been updated. For more details on how to disable MCS, seeDisablingMCS.

October 29, 2025

Change

(2025-R45) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2025-R45) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.33.5-gke.1350000cos-121-18867-199-105cos-121-18867-199-105 release notes
1.34.1-gke.2037000cos-125-19216-0-94cos-125-19216-0-94 release notes

October 28, 2025

Feature

Autoscaled blue-green upgrades are a type of node upgrade strategy thatmaximizes the amount of time before disruption-intolerant workloads are evicted,while minimizing cost. This feature is available in Preview forGKE Standard node pools. For more information, seeAutoscaled blue-green upgrades.

Feature

You can use the G4 VM, powered by NVIDIA's RTX PRO 6000 GPUs, withGKE Autopilot in version 1.34.1-gke.1829001 or later. Toget started, seeDeploy GPU workloads inAutopilot.

October 22, 2025

Change

(2025-R44) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2025-R44) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.28.15-gke.2793000cos-113-18244-448-63cos-113-18244-448-63 release notes
1.29.15-gke.2085000cos-113-18244-448-63cos-113-18244-448-63 release notes
1.30.14-gke.1408000cos-113-18244-448-63cos-113-18244-448-63 release notes
1.31.13-gke.1123000cos-117-18613-339-84cos-117-18613-339-84 release notes
1.32.9-gke.1207000cos-117-18613-339-84cos-117-18613-339-84 release notes
1.33.5-gke.1308000cos-121-18867-199-88cos-121-18867-199-88 release notes
1.34.0-gke.2201000cos-121-18867-199-28cos-121-18867-199-28 release notes
1.34.1-gke.1829001cos-125-19216-0-94cos-125-19216-0-94 release notes

October 21, 2025

Feature

The G4 VM, powered by NVIDIA's RTX PRO 6000 Blackwell Server Edition GPUs withthe AMD EPYC Turin CPU platform, is generally available on GKE.G4 instances have up to 384 vCPUs, 1,440 GB of memory, 12 TiB of Titanium SSDdisks attached, and up to 400 Gbps of standard network performance. The G4 VMoffers a leap in performance with up to 9 times the throughput of G2 instancesfor workloads such as AI development, and graphics rendering. G4 VMs arecurrently available with 1, 2, 4, or 8 GPUs.

October 17, 2025

Issue

Don't use GKE version 1.34.1-gke.1431000 or later when creatingor upgrading node pools with thea3-highgpu-8g machinetype. GKE nodes with these versions include COS Milestone 125,which has an updated Linux kernel version that is incompatible withGPUDirect-TCPX.

October 15, 2025

Change

(2025-R43) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2025-R43) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.34.1-gke.1431000cos-beta-125-19216-0-76cos-beta-125-19216-0-76 release notes

October 14, 2025

Issue

In GKE versions 1.32.4-gke.1029000 and later, MountVolume callsfor network file system (NFS) volumes might fail with the following error:mount.nfs:rpc.statd is not running but is required for remote locking.

This failure can occur if a Pod mounting an NFS volume runs on the same node asan NFS server Pod, and the NFS server Pod starts before the client Pod attemptsto mount the volume. This scenario causes a conflict over therpcbind service,which prevents the service from starting correctly on the node for the clientPod, leading to the mount failure.

As a workaround, deploythisDaemonSeton all nodes where you mount the NFS volumes. The DaemonSet ensures thatthe required services start correctly.

October 09, 2025

Feature

The following networking features are available:

  • In GKE version 1.33.4-gke.1055000 or later, you can controlhow external traffic reaches your Services on GKE clusters byusing Network Service Tiers. You can configure the network tier to use eitherStandard Tier or Premium Tier when you create or update clusters or when youupdate LoadBalancer Services. For more information, seeConfigure externaltraffic with Network Service Tiers.

  • Starting with GKE versions 1.33 and later, you can enableautomatic IP address management (auto IPAM) on GKE clusters. AutoIPAM dynamically adds or removes additional IP address ranges for nodes and Podsas the cluster scales up or down. This feature eliminates the need for large,potentially wasteful, upfront IP reservations and manual intervention duringcluster scaling. For more information, seeUse auto IP addressmanagement.

  • In GKE version 1.30.3-gke.1211000 and later, you can assignadditional subnets to a VPC-native cluster. Additional subnetsassigned to a cluster let you create new node pools where IPv4 addresses forboth nodes and Pods come from the additional subnet ranges. This enhancementremoves single-subnet limitations, increases scalability, and enhances theflexibility of your GKE clusters. For more information, seeAdd subnets toclusters.

Feature

For AI models deployed on a GKE cluster, you can view detailsabout these deployments in the Google Cloud console. The pages include deploymentdetails, logs, andobservabilitydashboards.

October 08, 2025

Change

(2025-R42) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.4-gke.1172000 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.14-gke.1108000
    • 1.30.14-gke.1130000
    • 1.32.8-gke.1108000
    • 1.33.4-gke.1134000
  • Clusters in this channel running the listed minor version have new general auto-upgrade targets. GKE can upgrade control planes and nodes to the following new versions with this release:

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Security

(2025-R42) Security updates

This release includes new GKE versions that use updatedContainer-Optimized OS images. These updated images are cumulative,incorporating security fixes from all Container-Optimized OSversions released since the previous GKE release.

To identify the specific vulnerabilities that were resolved in each updatedContainer-Optimized OS image, see theSecurity release notesfor that image. The following table includes links to the release notes foreach updated Container-Optimized OS image:

GKE versionContainer-Optimized OS versionDetails
1.33.5-gke.1162000cos-121-18867-199-80cos-121-18867-199-80 release notes
1.34.1-gke.1279000cos-121-18867-199-80cos-121-18867-199-80 release notes
1.28.15-gke.2751000cos-113-18244-448-58cos-113-18244-448-58 release notes
1.29.15-gke.1989000cos-113-18244-448-58cos-113-18244-448-58 release notes
1.30.14-gke.1336000cos-113-18244-448-58cos-113-18244-448-58 release notes
1.31.13-gke.1023000cos-117-18613-339-77cos-117-18613-339-77 release notes
1.32.9-gke.1108000cos-117-18613-339-77cos-117-18613-339-77 release notes

October 07, 2025

Feature

Starting with GKE version 1.33.2-gke.1240000 and later, you can specify thenetwork tier (Standard or Premium) for ephemeral IP addresses used bythegke-l7-regional-external-managed-mc GatewayClass. For more information,seeConfigure NetworkTier.

October 02, 2025

Change

(2025-R41) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.34.0-gke.2201000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.31.12-gke.1110000
    • 1.32.8-gke.1170000
    • 1.34.0-gke.1662000
    • 1.34.0-gke.2011000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.12-gke.1220000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.9-gke.1010000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.12-gke.1220000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.9-gke.1010000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.34 to version1.34.0-gke.2201000 with this release.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.4-gke.1245000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.14-gke.1130000
    • 1.31.12-gke.1110000
    • 1.32.8-gke.1134000
    • 1.33.4-gke.1172000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.14-gke.1150000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.8-gke.1170000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.33.4-gke.1245000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.14-gke.1150000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.8-gke.1170000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.33 to version1.33.4-gke.1245000 with this release.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.4-gke.1134000 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.14-gke.1059000
    • 1.32.6-gke.1060000
    • 1.33.3-gke.1136000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.14-gke.1108000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.32.8-gke.1108000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.14-gke.1108000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.32 to version1.32.8-gke.1108000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.33 to version1.33.4-gke.1134000 with this release.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.4-gke.1245000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.28.15-gke.2610000
    • 1.28.15-gke.2730000
    • 1.29.15-gke.1835000
    • 1.29.15-gke.1971000
    • 1.30.14-gke.1130000
    • 1.31.12-gke.1110000
    • 1.32.8-gke.1134000
    • 1.33.4-gke.1172000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.28.15-gke.2630000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.2630000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.15-gke.1851000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.14-gke.1150000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.8-gke.1170000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.33 to version1.33.4-gke.1245000 with this release.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

October 01, 2025

Feature

The GKE cluster autoscaler now allows for a significantly longer node drain time. From GKE version 1.32.7-gke.1079000 and later, the graceful node drain timeout has been increased from 10 minutes to 1 hour. For more information, seeHow cluster autoscaler works.

Feature

TheInPlaceOrRecreate mode for Vertical Pod Autoscaler (VPA) is now available for Public Preview in GKE.

This mode usesIn-Place Pod Resize (IPPR/IPPU), which allows VPA to automatically adjust workload resources, without requiring Pod recreation. This seamless rightsizing capability helps ensure better service continuity and helps minimize costs by optimizing resource allocation, particularly during idle periods.

VPA is enabled by default in Autopilot clusters. For Standard clusters, you must first enable VPA. For more information on configuring a VPA object, seeSet Pod resource requests automatically.

September 29, 2025

Change

(2025-R40) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.4-gke.1172000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.14-gke.1108000
    • 1.31.12-gke.1083000
    • 1.32.8-gke.1108000
    • 1.33.4-gke.1134000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.14-gke.1130000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.8-gke.1134000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.33.4-gke.1172000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.14-gke.1130000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.8-gke.1134000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.33 to version1.33.4-gke.1172000 with this release.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.4-gke.1172000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.28.15-gke.2599000
    • 1.28.15-gke.2697000
    • 1.29.15-gke.1820000
    • 1.29.15-gke.1936000
    • 1.30.14-gke.1108000
    • 1.31.12-gke.1083000
    • 1.32.8-gke.1108000
    • 1.33.4-gke.1134000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.28.15-gke.2610000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.2610000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.15-gke.1835000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.14-gke.1130000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.8-gke.1134000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.33 to version1.33.4-gke.1172000 with this release.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Feature

To improve security and workload isolation, GKE has introduced a new, dedicated service agent for logging and monitoring of GKE nodes on clusters running version 1.33 and later. For more information, seeGKE service agents.

What's changing?

GKE will now use the following service agent for logging and monitoring on your nodes:

service-{PROJECT_NUMBER}@gcp-sa-gkenode.iam.gserviceaccount.com

This service agent has the minimal permissions GKE needs to operate nodes, which are included in therole/container.defaultNodeServiceAgent IAM role.

Using a dedicated service agent helps to isolate the requirements of GKE-managed workloads from your own workloads.

What's the impact?

  • This change affects onlyGKE system workloads, which will now use the new service agent for their logging and monitoring capabilities. Your own workloads are not impacted.
  • You might notice missing logs or metrics for your nodes if the new service agent doesn't have the necessary permissions.

What do I need to do?

In the vast majority of cases, no action is needed, as the rolerole/container.defaultNodeServiceAgent has been automatically granted to the new GKE Node Service Agent on your cluster project.

However, you will need to re-apply the rolerole/container.defaultNodeServiceAgent to the new service agent in the following scenarios:

  • You have automation that might have removed this role.
  • You notice missing logs or metrics for your nodes.

You can find the full list of permissions for this role in theIAM documentation.

September 25, 2025

Feature

You can now let GKE auto-create node pools with ComputeClasses without having to enable node auto-provisioning for the entire cluster. This provides more granular control over auto-created node pools, enabling you to target specific workloads and optimize resource usage. For more information, seeNode auto-provisioning and ComputeClasses.

To use this feature, your cluster must meet both of the following requirements:

  • Enrolled in the Rapid release channel.
  • Running GKE version 1.33.3-gke.1136000 or later.
Feature

GKE Standard clusters now support Autopilot features, including the container-optimized compute platform and fully managed nodes, letting you use Autopilot's advantages without migrating to a dedicated Autopilot cluster. For more information, seeRun Autopilot workloads in GKE Standard clusters.

To use these features, your cluster must meet the following requirements:

  • Enrolled in the Rapid release channel.
  • Running GKE version 1.33.1-gke.1107000 or later.
Issue

Issue with A4X machine type compatibility on certain GKE versions

Certain GKE versions are not compatible with the A4X machine type. The issue is that a Container-Optimized OS (COS) image that these GKE versions depend on was not built as a multi-architecture image. This incompatibility causes anexec format error on the Arm-based A4X machines. The issue affects GKE versions 1.33.2-gke.1377000 or later, and any versions earlier than 1.33.4-gke.1036000.

September 23, 2025

Change

The following metrics are now only billed through Cloud Monitoring. If you were using any of these features through GKE Enterprise, your billing is automatically transitioned to the Cloud Monitoring SKU.

These metrics useGoogle Cloud Managed Service for Prometheus to load metrics into Cloud Monitoring. The Cloud Monitoring charges for the ingestion of these metrics are based on the number of samples ingested. For more information, seeCloud Monitoring pricing.

September 18, 2025

Change

(2025-R39) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.34.0-gke.1662000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.14-gke.1130000
    • 1.31.12-gke.1060000
    • 1.31.12-gke.1083000
    • 1.32.8-gke.1108000
    • 1.32.8-gke.1134000
    • 1.33.4-gke.1172000
    • 1.34.0-gke.1477000
    • 1.34.0-gke.1497000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.14-gke.1150000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.12-gke.1110000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.8-gke.1170000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.33.4-gke.1245000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.14-gke.1150000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.12-gke.1110000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.8-gke.1170000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.33 to version1.33.4-gke.1245000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.34 to version1.34.0-gke.1662000 with this release.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.4-gke.1134000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.14-gke.1059000
    • 1.31.12-gke.1060000
    • 1.32.8-gke.1026000
    • 1.33.4-gke.1036000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.14-gke.1108000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.8-gke.1108000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.33.4-gke.1134000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.14-gke.1108000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.8-gke.1108000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.33 to version1.33.4-gke.1134000 with this release.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.4-gke.1134000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.28.15-gke.2564000
    • 1.28.15-gke.2630000
    • 1.29.15-gke.1773000
    • 1.29.15-gke.1851000
    • 1.30.14-gke.1059000
    • 1.31.12-gke.1060000
    • 1.32.8-gke.1026000
    • 1.33.4-gke.1036000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.28.15-gke.2599000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.2599000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.15-gke.1820000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.14-gke.1108000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.8-gke.1108000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.33 to version1.33.4-gke.1134000 with this release.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

September 11, 2025

Change

(2025-R38) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.4-gke.1172000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.14-gke.1059000
    • 1.30.14-gke.1108000
    • 1.31.12-gke.1014000
    • 1.32.8-gke.1026000
    • 1.33.4-gke.1036000
    • 1.33.4-gke.1134000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.14-gke.1130000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.12-gke.1060000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.8-gke.1108000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.33.4-gke.1172000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.14-gke.1130000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.12-gke.1060000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.8-gke.1108000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.33 to version1.33.4-gke.1172000 with this release.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.4-gke.1036000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.14-gke.1036000
    • 1.31.12-gke.1014000
    • 1.32.7-gke.1079000
    • 1.33.3-gke.1136000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.14-gke.1059000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.8-gke.1026000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.33.4-gke.1036000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.14-gke.1059000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.8-gke.1026000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.33 to version1.33.4-gke.1036000 with this release.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.12-gke.1414000
    • 1.32.7-gke.1016000
    • 1.33.2-gke.1043000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.14-gke.1011000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.14-gke.1011000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.33 to version1.33.3-gke.1136000 with this release.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.4-gke.1036000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.28.15-gke.2547000
    • 1.28.15-gke.2610000
    • 1.29.15-gke.1756000
    • 1.29.15-gke.1835000
    • 1.30.14-gke.1036000
    • 1.31.12-gke.1014000
    • 1.32.7-gke.1079000
    • 1.33.3-gke.1136000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.28.15-gke.2564000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.2564000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.15-gke.1773000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.14-gke.1059000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.8-gke.1026000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.33 to version1.33.4-gke.1036000 with this release.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Feature

GKE now provisions fast-starting nodes, which have significantly lower startup time, in Autopilot mode for G2 nodes with NVIDIA L4 GPUs. Fast-starting nodes are in Public Preview for clusters in the Rapid channel, and are available on a best-effort basis when workloads use compatible configurations. For more information, seeAbout quicker workload startup with fast-starting nodes.

Feature

The accelerator-optimized A4X VM, an exascale platform based onNVIDIA GB200 NVL72, is now Generally Available on GKE. A4X is the first GPU VM to run on Arm with the NVIDIA GB200 Grace Blackwell Superchips. You can use A4X to run your large artificial intelligence (AI) models, machine learning (ML), and high performance computing (HPC) workloads.

Important: Updated on September 25, 2025. The GKE version support for the A4X machine series in this feature note was listed incorrectly. For more information, see theIssue published onSeptember 25, 2025. The correct versions are now listed as follows.

The A4X machine type is available asa4x-highgpu-4g in the us-central1-a zone with the following GKE versions:

  • For GKE Standard 1.32, use 1.32.8-gke.1108000 or later.
  • For GKE Autopilot 1.33, use 1.33.4-gke.1036000 or later.

To create GKE clusters with A4X, see the following instructions:

September 08, 2025

Feature

Starting with GKE version 1.33.4-gke.1036000,ComputeClass supports the following newsysctls configurations:

  • kernel.shmmni
  • kernel.shmmax
  • kernel.shmall
  • net.core.rmem_default
  • net.netfilter.nf_conntrack_max
  • net.netfilter.nf_conntrack_buckets
  • net.netfilter.nf_conntrack_tcp_timeout_close_wait
  • net.netfilter.nf_conntrack_tcp_timeout_time_wait
  • net.netfilter.nf_conntrack_tcp_timeout_time_wait
  • net.netfilter.nf_conntrack_acct
  • vm.dirty_background_ratio
  • vm.dirty_writeback_centisecs
  • vm.overcommit_memory
  • vm.overcommit_ratio
  • vm.vfs_cache_pressure
  • fs.aio-max-nr
  • fs.file-max
  • fs.inotify.max_user_instances
  • fs.inotify.max_user_watches
  • fs.nr_open

For more information, see theComputeClass CRD reference.

September 04, 2025

Announcement

Kubernetes 1.34 is now available in the Rapid channel

Kubernetes 1.34 is now available in the Rapid channel. For more information about the content of Kubernetes 1.34, read theKubernetes 1.34 Release Notes.

Feature

New features in Kubernetes 1.34

  • TheKubernetes Dynamic Resource Allocation (DRA) APIsare now generally available. For more information about using DRA in GKE, seeAbout dynamic resource allocation in GKE. The Prioritized list and Admin access features have been promoted to beta and will be enabled by default. The kubelet API has been updated to report status on resources allocated through DRA.
  • The Sleep Action for Pod prestop lifecycle hook is now GA. This can be used to delay Pod termination for graceful shutdown.
  • Streaming List Response Encoding is now GA. It enables efficient handling of requests for large object collections, improving API server reliability and performance.
  • In-Place Pod Resize, which was in beta, is now improved by adding support for decreasing memory limits with best-effort OOM protection. Improved deferred resize retries are also added, which are now prioritized and more responsive to resources becoming available. A newResizeCompleted event records when a resize is completed.
Change

Other changes in 1.34

  • containerd 2.1: GKE nodes are now upgraded to containerd 2.1. This release includes performance improvements such as faster image downloads. For a complete list of changes, see the officialcontainerd 2.1 release notes.
  • VPA InPlaceOrRecreate: This version introduces anew InPlaceOrRecreate mode in Vertical Pod Autoscaler (VPA) (Public Preview) powered by In-Place Pod Resize (IPPR/IPPU) that allows automatically rightsizing workloads often without recreating the Pod. This mode ensures seamless service continuity while minimizing costs during idle periods. If you haven't used VPA with your workloads before, enable Vertical Pod Autoscaler on your cluster and then create a VPA Object for a workload.
Deprecated

Deprecated in 1.34

Thev1beta1 gRPC API between the Kubelet and DRA drivers is deprecated in this release in favor of thev1 API. This API will continue to function but we recommend that all drivers move to the v1 API to prepare for the eventual removal of the v1beta1 API.

Change

CNI spec version for GKE Dataplane V2 updated to v1.1.0

Starting with GKE patch version 1.34, clusters usingGKE Dataplane V2 are being updated fromCNI spec v0.3.1 to v1.1.0.

Action required: If you use your own CNI plugins in your GKE cluster (such as self-managed open-source Istio), you must upgrade themto a version compatible with CNI spec v1.1.0 to prevent errors.

Feature

On clusters with GKE Dataplane V2 that are on GKE version 1.34 and later, theptp plugin is removed from the Container Network Interface (CNI) path. Pods that are created on new nodes have interfaces namedlxc[INTERFACE_HASH] instead ofgke[INTERFACE_HASH]. Additionally, the CNI configuration is moving from thenetd DaemonSet to thecni-writer container in theanetd DaemonSet. For more information, seeOverview of GKE Dataplane V2.

Feature

GKE alpha clusters enable all alpha and the default beta feature gates, which help you to test and validate upcoming Kubernetes capabilities. You can now modify the feature gates to enable or disable differently from the default values, which provides more granular control when leveraging these experimental features. Note that alpha clusters shouldn't be used for production workloads to ensure that your workloads remain stable and performant. For more information, seeAlpha clusters.

September 03, 2025

Change

(2025-R37) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.4-gke.1134000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.14-gke.1036000
    • 1.31.11-gke.1101000
    • 1.32.7-gke.1079000
    • 1.33.3-gke.1136000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.14-gke.1059000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.12-gke.1014000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.8-gke.1026000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.33.4-gke.1036000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.14-gke.1059000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.12-gke.1014000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.8-gke.1026000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.33 to version1.33.4-gke.1036000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.34 to version1.34.0-gke.1477000 with this release.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.12-gke.1390000
    • 1.31.11-gke.1002000
    • 1.32.6-gke.1125000
    • 1.33.2-gke.1240000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.12-gke.1414000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.31.11-gke.1036000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.12-gke.1414000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.11-gke.1036000 with this release.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Feature

In GKE version 1.33.3-gke.1392000 or later, you can use ComputeClasses to provision Confidential GKE Nodes with any supported Confidential Computing type. This feature is now generally available. For more information, seeConfidential GKE Nodes.

September 02, 2025

Announcement

Features that were part of GKE Enterprise are now available as part of the standard GKE offering, or offered as standalone SKUs.

The following advanced multi-cluster management and networking features are included in the GKE offering at no additional cost:

  • Fleet dashboard
  • Multi-team Management
  • Config Sync
  • Config Controller
  • Managed Policy Controller
  • Connect Gateway
  • Network Function Optimizer
  • Fully Qualified Domain Name (FQDN) Network Policy
  • Inter-node Transparent Encryption

The following GKE Enterprise features continue to be available using their current standalone SKUs. If you are using any of these features, your billing is automatically transitioned to the corresponding standalone SKU.

  • Managed Cloud Service Mesh
  • Multicluster Gateways; Multicluster Ingress
  • Binary Authorization
  • Advanced Vulnerability Scanning
  • GKE Extended Support (LTS)

August 29, 2025

Fixed

A fix is available for an issue with Cloud Storage FUSE CSI driver that couldcause Pod to be stuck during startup after a node restart event.Cloud Storage FUSE CSI driver now gracefully handles a node restart behavior.

The fix is available in the following GKE versions:

  • 1.32.6-gke.1125000 and later
  • 1.33.1-gke.1959000 and later

August 28, 2025

Security

GKE version 1.33.0-gke.1276000 and later remediate a low severityvulnerability, in which an attacker with the ability to patch Node resources byusing the Kubernetes API could change specific node labels in clusters that useWorkload Identity Federation for GKE. This could result in the attacker gainingaccess to node metadata, such as the IAM service account.To remediate thisvulnerability, a validation policy is enforced that prevents unauthorizedmodifications to the node labels that control metadata protection.

Feature

You can now run GPU workloads on Confidential GKE Nodes with the A3 Highmachine type and NVIDIA H100 GPUs. This feature is available inGKE version 1.32.2-gke.1297000 and later for manual GPU driverinstallation, and in version 1.33.3-gke.1392000 and later for automatic driverinstallation. This enables stronger data protection and integrity forGPU-accelerated computations running within GKE clusters andnodes. This feature is in General Availability.

For more information, seeEncrypt GPU workload data in use with Confidential GKE Nodes.

August 27, 2025

Change

(2025-R36) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.14-gke.1011000
    • 1.31.11-gke.1064000
    • 1.31.11-gke.1135000
    • 1.32.7-gke.1016000
    • 1.32.8-gke.1005000
    • 1.33.3-gke.1392000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.14-gke.1036000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.11-gke.1101000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.7-gke.1079000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.14-gke.1036000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.11-gke.1101000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.7-gke.1079000 with this release.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.3-gke.1136000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.12-gke.1414000
    • 1.31.11-gke.1064000
    • 1.32.6-gke.1125000
    • 1.33.2-gke.1240000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.14-gke.1011000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.7-gke.1016000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.14-gke.1011000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.7-gke.1016000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.33 to version1.33.3-gke.1136000 with this release.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.12-gke.1372000
    • 1.31.10-gke.1067000
    • 1.32.6-gke.1096000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.12-gke.1390000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.31.11-gke.1002000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.12-gke.1390000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.11-gke.1002000 with this release.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.3-gke.1136000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.28.15-gke.2507000
    • 1.28.15-gke.2564000
    • 1.29.15-gke.1686000
    • 1.29.15-gke.1773000
    • 1.30.12-gke.1414000
    • 1.31.11-gke.1064000
    • 1.32.6-gke.1125000
    • 1.33.2-gke.1240000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.28.15-gke.2527000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.2527000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.15-gke.1713000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.14-gke.1011000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.7-gke.1016000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.33 to version1.33.3-gke.1136000 with this release.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

August 25, 2025

Feature

In GKE version 1.33 and later, the Horizontal Pod Autoscalerhas been re-architected for improved performance and scalability. This updateenables a consistent 15-second recalculation period and supports up to 5,000 HPAobjects per cluster.

For more information see,Horizontal Pod autoscaling.

August 21, 2025

Change

(2025-R35) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.3-gke.1136000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.12-gke.1414000
    • 1.31.11-gke.1036000
    • 1.32.6-gke.1125000
    • 1.33.2-gke.1240000
    • 1.33.3-gke.1250000
    • 1.33.3-gke.1266000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.14-gke.1011000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.11-gke.1064000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.7-gke.1016000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.33.3-gke.1136000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.14-gke.1011000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.11-gke.1064000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.7-gke.1016000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.33 to version1.33.3-gke.1136000 with this release.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.12-gke.1390000
    • 1.31.11-gke.1002000
    • 1.32.6-gke.1096000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.12-gke.1414000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.31.11-gke.1036000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.6-gke.1125000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.12-gke.1414000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.11-gke.1036000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.6-gke.1125000 with this release.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.32.6-gke.1060000 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.12-gke.1340000
    • 1.31.10-gke.1034000
    • 1.32.6-gke.1025000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.12-gke.1372000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.31.10-gke.1067000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.32.6-gke.1060000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.12-gke.1372000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.10-gke.1067000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.32 to version1.32.6-gke.1060000 with this release.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Feature

TheM4 machine seriesis generally available in GKE Autopilot clusters withversion 1.33.4-gke.1013000 or later. For more information, see M4 inResource requests in Autopilot.

Feature

Starting with GKE version 1.33.2-gke.1240000 and later, you cannow specify the network service tier (Standard or Premium) for ephemeral IPaddresses used by thegke-l7-regional-external-managed GatewayClass. ThisGatewayClass configures Regional External Application Load Balancers for singleclusters.

For more information, seeConfigure network tier for Gateway IP addresses.

Change

Starting in GKE 1.33.3-gke.1136000, the validation of theHealthCheckPolicy CRD is now performed earlier by GKE Gateway.Hence, certain invalid policies are now rejected bykubectl. The resultingerror message will specify why the policy is invalid.

August 20, 2025

Fixed

A fix is available for an issue where thedevice-fs-monitor component in theNode Problem Detector generated falseReadOnlyLocalSSDDetected warnings onnodes that did not have local SSDs. This could cause customer confusion anddistracting warnings.

The fix is available in the following GKE versions:

  • 1.32.6-gke.1096000 and later
  • 1.33.0-gke.1712000 and later

August 15, 2025

Feature

For clusters enrolled in the Extended channel, you can now useGatewaywith GKE version 1.30 or later, orcustomized sysctl configuration options.

Feature

You can now receive a patch version in a release channel as soon as the versionis available and before GKE sets the version as an auto-upgradetarget in the channel by usingaccelerated patch auto-upgrades. Receivingpatch versions earlier can help accelerate auto-upgrade timelines for patches,especially for use cases such as accelerating your compliance with securityrequirements.

For more information, seeAccelerated patch auto-upgrades.

August 14, 2025

Change

(2025-R34) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.12-gke.1390000
    • 1.31.11-gke.1002000
    • 1.32.6-gke.1096000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.12-gke.1414000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.11-gke.1036000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.6-gke.1125000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.12-gke.1414000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.11-gke.1036000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.6-gke.1125000 with this release.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.12-gke.1372000
    • 1.31.10-gke.1067000
    • 1.32.6-gke.1060000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.12-gke.1390000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.31.11-gke.1002000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.6-gke.1096000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.12-gke.1390000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.11-gke.1002000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.6-gke.1096000 with this release.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.32.6-gke.1025000 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.12-gke.1333000
    • 1.31.10-gke.1021000
    • 1.32.6-gke.1013000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.12-gke.1340000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.31.10-gke.1034000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.32.6-gke.1025000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.12-gke.1340000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.10-gke.1034000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.32 to version1.32.6-gke.1025000 with this release.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
Feature

You can now configure GKE clusters to have a default computeclass in GKE versions 1.33.1-gke.1744000 or later. For moredetails, see thedefault custom compute class documentation.

August 12, 2025

Feature

Starting with GKE version 1.33.1-gke.1231000, you can viewKubeRay Operator addon logs. These logs are available by default inCloud Logging when the Ray operator addon is enabled in GKE.This integration helps you to monitor and debug the Ray Operator. Previously,accessing these logs required more complex steps. To view the logs, navigate toCloud Logging Logs Explorer in the Google Cloud console and run a query to filterfor the Ray Operator logs for your specific cluster.

For more information, seeView Ray Operator logs on GKE.

Feature

Starting on August 1, 2025, the Performance HorizontalPodAutoscaler profile isenabled by default for GKE Standard clusters that runGKE version 1.33.2-gke.4605000 and later and meet all of thePerformance profile requirements.The Performance profile improves the reaction time, speed, and scalability ofthe Horizontal Pod Autoscaler. You can optionallydisable the Performance profile.

August 08, 2025

Feature

You can nowcustomize a node system configuration with the following new Kubelet, Sysctl, and Linux config options:

  • kubeletConfig flags:

    • topologyManager (on GKE versions 1.32.3-gke.1785000 and later)
    • memoryManager (on GKE versions 1.32.3-gke.1785000 and later)
    • maxParallelImagePulls (on GKE versions 1.33.1-gke.1918000 and later)
    • singleProcessOomKill (on GKE versions 1.32.4-gke.1132000, 1.33.0-gke.1748000 and later)
    • evictionSoft
    • evictionSoftGracePeriod
    • evictionMinimumReclaim
    • evictionMaxPodGracePeriodSeconds

  • sysctl flags:

    • vm.overcommit_memory
    • vm.overcommit_ratio
    • vm.vfs_cache_pressure
    • vm.dirty_ratio
    • vm.dirty_background_ratio
    • vm.dirty_expire_centisecs
    • vm.dirty_writeback_centisecs
    • vm.watermark_scale_factor
    • vm.min_free_kbytes
    • vm.swappiness
    • fs.nr_open
    • fs.file-max
    • fs.inotify.max_user_watches
    • fs.inotify.max_user_instances
    • fs.aio-max-nr
    • net.ipv4.tcp_max_orphans

  • linuxConfig flags:

    • transparentHugepageEnabled (on GKE versions 1.33.2-gke.4655000 and later)
    • transparentHugepageDefrag (on GKE versions 1.33.2-gke.4655000 and later)
Feature

The C4 machine series now has General Availability machine types that support Local SSD storage options. These machine types are available in all GKE versions for Standard mode, and in GKE version 1.33.1-gke.1545000 and later for Autopilot mode. For more information about these machine types, see the "C4 standard with Local SSD" and "C4 highmem with Local SSD" tabs inC4 machine types.

August 06, 2025

Change

(2025-R33) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.12-gke.1372000
    • 1.31.10-gke.1067000
    • 1.32.6-gke.1060000
    • 1.33.2-gke.4780000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.12-gke.1390000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.11-gke.1002000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.6-gke.1096000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.12-gke.1390000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.11-gke.1002000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.6-gke.1096000 with this release.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.12-gke.1340000
    • 1.31.10-gke.1034000
    • 1.32.6-gke.1025000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.12-gke.1372000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.31.10-gke.1067000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.6-gke.1060000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.12-gke.1372000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.10-gke.1067000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.6-gke.1060000 with this release.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.32.6-gke.1013000 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.12-gke.1320000
    • 1.31.9-gke.1287000
    • 1.32.4-gke.1767000
    • 1.33.2-gke.1111000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.12-gke.1333000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.31.10-gke.1021000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.32.6-gke.1013000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.12-gke.1333000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.10-gke.1021000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.32 to version1.32.6-gke.1013000 with this release.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

August 05, 2025

Feature

TheM4 machine series is generally available in GKE Standard clusters.

Fixed

A fix is available for an issue in which the Compute Engine Persistent Disk CSIdriver failed with aninvalid cpuString error on GKE nodes that used custommachine types. This issue prevented successful attachment and mounting ofPersistent Disk volumes on affected nodes. The fix is available in the followingGKE versions:

  • 1.31.10-gke.1034000 and later
  • 1.32.4-gke.1698000 and later
  • 1.33.1-gke.1386000 and later

August 01, 2025

Change

(2025-R32) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.12-gke.1340000
    • 1.31.10-gke.1034000
    • 1.32.6-gke.1025000
    • 1.33.2-gke.4655000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.12-gke.1372000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.10-gke.1067000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.6-gke.1060000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.12-gke.1372000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.10-gke.1067000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.6-gke.1060000 with this release.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.2-gke.1240000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.12-gke.1333000
    • 1.31.10-gke.1021000
    • 1.32.6-gke.1013000
    • 1.33.2-gke.1111000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.12-gke.1340000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.31.10-gke.1034000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.6-gke.1025000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.12-gke.1340000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.10-gke.1034000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.6-gke.1025000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.33 to version1.33.2-gke.1240000 with this release.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.32.4-gke.1767000 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.12-gke.1279000
    • 1.31.9-gke.1218000
    • 1.32.4-gke.1698000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.12-gke.1320000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.31.9-gke.1287000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.32.4-gke.1767000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.12-gke.1320000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.9-gke.1287000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.32 to version1.32.4-gke.1767000 with this release.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.2-gke.1240000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.28.15-gke.2456000
    • 1.28.15-gke.2488000
    • 1.29.15-gke.1607000
    • 1.29.15-gke.1656000
    • 1.30.12-gke.1333000
    • 1.31.10-gke.1021000
    • 1.32.6-gke.1013000
    • 1.33.2-gke.1111000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.28.15-gke.2461000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.2461000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.15-gke.1614000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.12-gke.1340000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.10-gke.1034000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.6-gke.1025000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.33 to version1.33.2-gke.1240000 with this release.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.

July 28, 2025

Announcement

Control plane datastore maintenance

Starting in May, 2025, Google is performing maintenance on the internal controlplane datastore for all GKE clusters to improve scalability andreliability. We expect to complete these improvements across GKEby October, 2025.

This maintenance is happening gradually across all GKE clusters,and will occur in your clusters only during configured maintenance windows. Themaintenance process is expected to take approximately 15 minutes to completeduring your cluster's maintenance window.

Expected impact

During the internal control plane datastore maintenance, theKubernetes API server will be unavailable for 15 minutes, regardless ofwhether you use a regional cluster or a zonal cluster. During this 15-minuteperiod, you won't be able to interact with the Kubernetes API server for yourcluster.

Consider the following potential disruptions to your normal workflows during themaintenance window for your cluster:

  • Kubernetes API unavailability: you can't use thekubectl tool or anyother Kubernetes API client to issue commands to the control plane,regardless of whether the cluster is regional or zonal. Attempts to deploy,modify, or query resources by using the Kubernetes API will fail during thisperiod.
  • Halted deployments: automated deployment pipelines (CI/CD) that interactwith the Kubernetes API will fail to complete tasks such as deploying orupdating applications in the cluster.
  • Google Cloud console limitations: operations for the cluster in theGoogle Cloud console that communicate with the Kubernetes API might failduring the maintenance period.
  • Delayed control plane automation: features that are managed by thecontrol plane, such as the cluster autoscaler, Horizontal or VerticalPod Autoscaling adjustments, or some node auto-repair operations might bepaused until the API server is online.

The following resources have no expected impact during the maintenance period:

  • Running applications: any running applications and services on yournodes should continue to function without interruptions.
  • Node pool operations: existing nodes should remain connected andoperational.
  • Network traffic: traffic in the data plane, such as traffic to and fromyour running workloads, shouldn't be affected.

What you need to do

No action is required from you for the maintenance to occur. To plan for thismaintenance, we recommend that you do the following:

  • Review maintenance windows: review your cluster'smaintenance window and exclusions settingsand schedule maintenance windows during periods that minimize disruptions toyour normal workflows.
  • Plan for Kubernetes API unavailability: if you run critical operationsin your cluster that require access to the Kubernetes API, avoid schedulingthese operations during maintenance windows.
Fixed

Important: This note is incorrect. For the correct note, see the entry forAugust 5, 2025.

A fix is available for an issue in which the Compute Engine Persistent Disk CSIdriver failed with aninvalid cpuString error on GKE nodes that used custommachine types. This issue prevented successful attachment and mounting ofPersistent Disk volumes on affected nodes. The fix is available in the followingGKE versions:

  • 1.31.10-gke.1021000 and later
  • 1.32.4-gke.1698000 and later
  • 1.33.1-gke.1386000 and later
Feature

In GKE version 1.33.1-gke.1788000 and later, you can target specific reservationsub-blocks in a reservation block by using thereservationSubBlock field in compute classes.

Feature

In GKE version 1.32.2-gke.1359000 and later, you can now configurecollection schedulingfor single-host and multi-host TPU node pools by usingcompute classes.Collection scheduling lets you set a Service Level Objective (SLO) for your TPUworkloads.

Feature

In GKE version 1.33.2-gke.1335000 and later, theGKE Gateway controllersupportsGateway API v1.3 CRDs.

July 25, 2025

Change

(2025-R31) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following versions are now available for new GKE clusters, and formanual control plane upgrades and node upgrades for existing clusters. For moreinformation about versioning and upgrades, seeGKE versioning andsupport andAbout GKEcluster upgrades.

Rapid channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.2-gke.1240000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.12-gke.1208000
    • 1.30.12-gke.1246000
    • 1.30.12-gke.1279000
    • 1.30.12-gke.1320000
    • 1.30.12-gke.1333000
    • 1.31.9-gke.1119000
    • 1.31.9-gke.1176000
    • 1.31.9-gke.1218000
    • 1.31.9-gke.1287000
    • 1.31.10-gke.1021000
    • 1.32.4-gke.1415000
    • 1.32.4-gke.1603000
    • 1.32.4-gke.1698000
    • 1.32.4-gke.1767000
    • 1.32.6-gke.1013000
    • 1.33.1-gke.1584000
    • 1.33.1-gke.1744000
    • 1.33.1-gke.1959000
    • 1.33.2-gke.1043000
    • 1.33.2-gke.1111000
    • 1.33.2-gke.1384000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.12-gke.1340000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.10-gke.1034000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.6-gke.1025000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.33.2-gke.1240000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.12-gke.1340000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.10-gke.1034000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.6-gke.1025000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.33 to version1.33.2-gke.1240000 with this release.

Regular channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.2-gke.1111000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.12-gke.1168000
    • 1.30.12-gke.1208000
    • 1.30.12-gke.1246000
    • 1.30.12-gke.1279000
    • 1.30.12-gke.1320000
    • 1.31.9-gke.1044001
    • 1.31.9-gke.1119000
    • 1.31.9-gke.1176000
    • 1.31.9-gke.1218000
    • 1.31.9-gke.1287000
    • 1.32.4-gke.1415000
    • 1.32.4-gke.1603000
    • 1.32.4-gke.1698000
    • 1.32.4-gke.1767000
    • 1.33.1-gke.1107000
    • 1.33.1-gke.1386000
    • 1.33.1-gke.1584000
    • 1.33.1-gke.1744000
    • 1.33.2-gke.1043000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.12-gke.1333000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.31.10-gke.1021000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.6-gke.1013000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.12-gke.1333000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.10-gke.1021000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.6-gke.1013000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.33 to version1.33.2-gke.1111000 with this release.

Stable channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.32.4-gke.1698000 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.12-gke.1086000
    • 1.30.12-gke.1151000
    • 1.30.12-gke.1168000
    • 1.30.12-gke.1208000
    • 1.30.12-gke.1246000
    • 1.31.8-gke.1113000
    • 1.31.9-gke.1005000
    • 1.31.9-gke.1044001
    • 1.31.9-gke.1119000
    • 1.31.9-gke.1176000
    • 1.32.2-gke.1297002
    • 1.32.4-gke.1415000
    • 1.32.4-gke.1603000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.12-gke.1279000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.31.9-gke.1218000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.32.4-gke.1698000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.12-gke.1279000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.9-gke.1218000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.32 to version1.32.4-gke.1698000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.33 to version1.33.2-gke.1043000 with this release.

Extended channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.2-gke.1111000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.28.15-gke.2303000
    • 1.28.15-gke.2380000
    • 1.28.15-gke.2428000
    • 1.28.15-gke.2445000
    • 1.28.15-gke.2475000
    • 1.29.15-gke.1415000
    • 1.29.15-gke.1493000
    • 1.29.15-gke.1549000
    • 1.29.15-gke.1594000
    • 1.29.15-gke.1639000
    • 1.30.12-gke.1168000
    • 1.30.12-gke.1208000
    • 1.30.12-gke.1246000
    • 1.30.12-gke.1279000
    • 1.30.12-gke.1320000
    • 1.31.9-gke.1044001
    • 1.31.9-gke.1119000
    • 1.31.9-gke.1176000
    • 1.31.9-gke.1218000
    • 1.31.9-gke.1287000
    • 1.32.4-gke.1415000
    • 1.32.4-gke.1603000
    • 1.32.4-gke.1698000
    • 1.32.4-gke.1767000
    • 1.33.1-gke.1107000
    • 1.33.1-gke.1386000
    • 1.33.1-gke.1584000
    • 1.33.1-gke.1744000
    • 1.33.2-gke.1043000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.28.15-gke.2456000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.2456000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.15-gke.1607000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.12-gke.1333000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.10-gke.1021000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.6-gke.1013000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.33 to version1.33.2-gke.1111000 with this release.

No channel

Note: Your clusters might not have these versions available.Rollouts are already in progress when we publish the release notes, and can takemultiple days to complete across all Google Cloud zones.
  • Version1.33.2-gke.1111000 is now the default version for cluster creation.
  • The following versions are now available:
  • The following node versions are now available:
  • The following versions are no longer available:
    • 1.30.12-gke.1086000
    • 1.30.12-gke.1151000
    • 1.30.12-gke.1168000
    • 1.30.12-gke.1208000
    • 1.30.12-gke.1246000
    • 1.31.8-gke.1113000
    • 1.31.9-gke.1005000
    • 1.31.9-gke.1044001
    • 1.31.9-gke.1119000
    • 1.31.9-gke.1176000
    • 1.32.2-gke.1182003
    • 1.32.4-gke.1353003
    • 1.32.4-gke.1603000
    • 1.33.1-gke.1107000
    • 1.33.1-gke.1386000
    • 1.33.1-gke.1744000
    • 1.33.1-gke.1959000
    • 1.33.2-gke.1384000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version1.30.12-gke.1333000 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version1.31.10-gke.1021000 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.31 to version1.32.4-gke.1698000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version1.30.12-gke.1333000 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.31 to version1.31.10-gke.1021000 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.32 to version1.32.4-gke.1698000 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.33 to version1.33.2-gke.1111000 with this release.

July 21, 2025

Feature

In GKE version 1.33.2-gke.1111000 and later, you can use compute classes to setKubernetes labelson all nodes that are created for that compute class. These labels are appliedto the correspondingNode objects in the Kubernetes API. For more informationabout setting node labels in compute classes, see theComputeClass custom resource definition.

July 16, 2025

Change

(2025-R30) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Change

To enable upcoming support for mTLS and client certificates, Google Front Ends(GFEs) that power GKE DNS-based control plane public endpoints will add clientcertificate requests during the TLS handshake. Requests are already incorporatedinto GKE DNS-based control plane public endpoints where hostnames end withus-central1.gke.goog. For all other GKE DNS-based control plane publicendpoints, this will roll out between August 18, 2025 and August 22, 2025.

Until mTLS and client certificate configuration options are available, thefollowing details apply:

  • A client certificate request in a TLS handshakedoesn't mean thatkubectl(or other compatible clients) must provide a client certificate. Clientcertificates are neither mandatory nor configurable.
  • TLS libraries in current operating systems send a "no client certificate"response to the public endpoint's client certificate request.
  • GKE DNS-based control plane public endpoints willnot enforce clientcertificates or mTLS requirements until a future announcement aboutconfiguration options.

If you use an intermediate proxy betweenkubectl (or other compatibleclients) and a GKE DNS-based control plane public endpoint, ensure that it fullyadheres toSection 7.4.4 of RFC 5246,Section 4.4.2 of RFC 8446,orSection 4.4.2.4 of RFC 8446.

July 14, 2025

Fixed

Windows NVMe attached disks are supported only in GKE version1.33.2-gke.1240000 and later. In earlier GKE versions, creatingPersistentVolumeClaims on Windows nodes that use NVMe volumes results in errors.For more information about the disk interface types that are used by machinefamilies, see the Compute EngineMachine series comparison.

If you have Windows workloads that use machine families that support only NVMe,upgrade your clusters to version 1.33.2-gke.1240000 or later.

July 11, 2025

Change

(2025-R29) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

July 02, 2025

Change

(2025-R28) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

June 27, 2025

Change

(2025-R27) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

June 25, 2025

Feature

The C4D machine series is generally available in GKE. The following version requirements apply:

  • Standard clusters:
    • Manual node creation: GKE version 1.30 and later.
    • Node auto-provisioning and cluster autoscaler with Confidential GKE Nodes and compact placement: GKE version 1.32.3-gke.1717000 and later.
  • Autopilot clusters, including compact placement:
    • C4D machine types without Titanium SSD: GKE version 1.33.0-gke.1439000 and later.
    • C4D machine types with Titanium SSD: GKE version 1.33.1-gke.1171000 and later.

You can use the C4D machine series with Confidential GKE Nodes and in compact placement policies in Autopilot and Standard clusters.

For more information, seeC4D machine series.

June 24, 2025

Change

Starting on September 1, 2025, GKE version upgrades can proceed even if existing resources violate custom organization policy constraints. GKE allows upgrade-only operations to occur as long as the operation doesn't introduce new policy violations.

June 18, 2025

Change

(2025-R26) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.33.1-gke.1584000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.12-gke.1168000
    • 1.31.9-gke.1044001
    • 1.33.1-gke.1386000
    • 1.33.1-gke.1545000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.12-gke.1208000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.9-gke.1119000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.33.1-gke.1584000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.12-gke.1208000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.9-gke.1119000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.33 to version1.33.1-gke.1584000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.4-gke.1415000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.12-gke.1151000
    • 1.31.9-gke.1005000
    • 1.32.4-gke.1353003
    • 1.33.0-gke.2248000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.12-gke.1168000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.31.9-gke.1044001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.4-gke.1415000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.12-gke.1168000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.9-gke.1044001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.4-gke.1415000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.33 to version1.33.1-gke.1107000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.12-gke.1033000
    • 1.31.8-gke.1045000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.12-gke.1086000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.31.8-gke.1113000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.12-gke.1086000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.8-gke.1113000 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.4-gke.1415000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2810000
    • 1.27.16-gke.2874000
    • 1.28.15-gke.2287000
    • 1.28.15-gke.2403000
    • 1.29.15-gke.1395000
    • 1.29.15-gke.1523000
    • 1.30.12-gke.1151000
    • 1.31.9-gke.1005000
    • 1.32.4-gke.1353003
    • 1.33.0-gke.2248000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.28.15-gke.2303000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.2820000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.2303000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.15-gke.1415000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.12-gke.1168000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.9-gke.1044001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.4-gke.1415000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.33 to version1.33.1-gke.1107000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

June 16, 2025

Feature

For clusters running GKE version 1.32.4-gke.1236000 or later, the cluster autoscaler can scale down nodes by evicting Pods in the kube-system namespace that have no Pod Disruption Budget (PDB) set and have been running for at least one hour.

June 12, 2025

Change

(2025-R25) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.33.1-gke.1386000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.12-gke.1151000
    • 1.31.9-gke.1005000
    • 1.32.4-gke.1353001
    • 1.32.4-gke.1415001
    • 1.32.4-gke.1533000
    • 1.33.0-gke.2248000
    • 1.33.1-gke.1107000
    • 1.33.1-gke.1375000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.12-gke.1168000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.9-gke.1044001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.4-gke.1415000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.33.1-gke.1386000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.12-gke.1168000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.9-gke.1044001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.4-gke.1415000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.33 to version1.33.1-gke.1386000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.4-gke.1353003 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.12-gke.1086000
    • 1.31.8-gke.1113000
    • 1.32.4-gke.1236007
    • 1.32.4-gke.1353001
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.12-gke.1151000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.31.9-gke.1005000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.4-gke.1353003 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.12-gke.1151000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.9-gke.1005000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.4-gke.1353003 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.11-gke.1217000
    • 1.31.7-gke.1390000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.12-gke.1033000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.31.8-gke.1045000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.12-gke.1033000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.8-gke.1045000 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.4-gke.1353003 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2771000
    • 1.27.16-gke.2853000
    • 1.28.15-gke.2239000
    • 1.28.15-gke.2380000
    • 1.29.15-gke.1325000
    • 1.29.15-gke.1493000
    • 1.30.12-gke.1086000
    • 1.31.8-gke.1113000
    • 1.32.4-gke.1236007
    • 1.32.4-gke.1353001
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.28.15-gke.2287000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.2810000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.2287000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.15-gke.1395000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.12-gke.1151000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.9-gke.1005000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.4-gke.1353003 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

June 10, 2025

Feature

Flex-start provisioning mode on GKE now supports TPUs in single-host node pools. Flex-start makes accessing highly-demanded accelerators, like TPU v5e, v5p, and Trillium easier while optimizing their utilization. To learn more, seeAbout GPU and TPU provisioning with flex-start provisioning mode.

Feature

GKE now reports CPU and memory requests and limitsmetrics for Kubernetes-nativesidecar containers starting from GKE version 1.32.4-gke.1106006.

June 05, 2025

Change

(2025-R24) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.4-gke.1236007 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.12-gke.1033000
    • 1.31.8-gke.1045000
    • 1.32.4-gke.1106006
    • 1.32.4-gke.1236006
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.12-gke.1086000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.31.8-gke.1113000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.4-gke.1236007 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.12-gke.1086000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.8-gke.1113000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.4-gke.1236007 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.33 to version1.33.0-gke.2248000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.11-gke.1157000
    • 1.31.7-gke.1265000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.11-gke.1217000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.31.7-gke.1390000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.11-gke.1217000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.7-gke.1390000 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.4-gke.1236007 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2732000
    • 1.27.16-gke.2820000
    • 1.28.15-gke.2192000
    • 1.28.15-gke.2303000
    • 1.29.15-gke.1274000
    • 1.29.15-gke.1415000
    • 1.30.12-gke.1033000
    • 1.31.8-gke.1045000
    • 1.32.4-gke.1106006
    • 1.32.4-gke.1236006
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.28.15-gke.2239000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.2771000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.2239000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.15-gke.1325000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.12-gke.1086000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.8-gke.1113000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.4-gke.1236007 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.33 to version1.33.0-gke.2248000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Change

(2025-R23) Version updates

There are no version updates for 2025-R23.

May 30, 2025

Change

(2025-R22) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.33.0-gke.2248000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.12-gke.1086000
    • 1.31.9-gke.1005000
    • 1.33.0-gke.1868000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.12-gke.1151000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.12-gke.1151000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.33 to version1.33.0-gke.2248000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.4-gke.1106006 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.11-gke.1217000
    • 1.31.7-gke.1390000
    • 1.32.3-gke.1927009
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.12-gke.1033000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.31.8-gke.1045000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.4-gke.1106006 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.12-gke.1033000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.8-gke.1045000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.4-gke.1106006 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.11-gke.1131000
    • 1.31.7-gke.1212000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.11-gke.1157000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.31.7-gke.1265000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.11-gke.1157000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.7-gke.1265000 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.4-gke.1106006 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2703000
    • 1.27.16-gke.2810000
    • 1.28.15-gke.2169000
    • 1.28.15-gke.2287000
    • 1.29.15-gke.1240000
    • 1.29.15-gke.1395000
    • 1.30.11-gke.1217000
    • 1.31.7-gke.1390000
    • 1.32.3-gke.1927009
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.28.15-gke.2192000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.2732000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.2192000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.15-gke.1274000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.12-gke.1033000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.8-gke.1045000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.4-gke.1106006 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Change

(2025-R21) Version updates

There are no version updates for 2025-R21.

Change

The insecure kubelet read-only port (10255) is disabled by default in all new clusters that run GKE version 1.32 and later. If you created your cluster using a GKE version earlier than 1.32, we recommend that you disable the insecure kubelet read-only port. For more information seeDisable the kubelet read-only port in GKE clusters.

Feature

GKE now provides insights and recommendations that help you toidentify and remediate clusters where the etcd cluster state database size is approaching the limit. Implementing the recommendation helps you to keep your clusters stable and performant.

May 27, 2025

Feature

In GKE version 1.32.2-gke.1297000 and later, you can use the Intel TDX and AMD SEV-SNPConfidential Computing technologies with Confidential GKE Nodes. This feature is inGeneral Availability. Use Confidential GKE Nodes to encrypt your workload data in-use through Compute Engine Confidential VMs for data and code confidentiality and integrity. For more information, seeEncrypt workload data in-use with Confidential GKE Nodes.

Feature

In GKE version 1.32.2-gke.1297000 and later, you can run GPU workloads on Confidential GKE Nodes with theA3 High machine type and NVIDIA H100 GPUs. This enables stronger data protection and integrity for GPU-accelerated computations running within GKE clusters and nodes. This feature is available inPreview. For more information, seeEncrypt GPU workload data in use with Confidential GKE Nodes.

May 23, 2025

Change

(2025-R20) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.4-gke.1236006 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.12-gke.1033000
    • 1.31.7-gke.1390000
    • 1.31.8-gke.1045000
    • 1.32.3-gke.1927002
    • 1.32.4-gke.1106000
    • 1.32.4-gke.1236000
    • 1.33.0-gke.1552000
    • 1.33.0-gke.1712000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.12-gke.1086000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.8-gke.1113000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.4-gke.1236006 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.12-gke.1086000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.8-gke.1113000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.4-gke.1236006 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.33 to version1.33.0-gke.1868000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.3-gke.1927009 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.11-gke.1157000
    • 1.31.7-gke.1265000
    • 1.32.3-gke.1785003
    • 1.32.3-gke.1927002
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.11-gke.1217000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.31.7-gke.1390000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.3-gke.1927009 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.11-gke.1217000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.7-gke.1390000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.3-gke.1927009 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.2-gke.1297002 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.10-gke.1070000
    • 1.31.6-gke.1064001
    • 1.32.2-gke.1182003
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.11-gke.1131000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.31.7-gke.1212000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.11-gke.1131000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.7-gke.1212000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.32 to version1.32.2-gke.1297002 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.3-gke.1927009 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2682000
    • 1.27.16-gke.2771000
    • 1.28.15-gke.2142000
    • 1.28.15-gke.2239000
    • 1.29.15-gke.1193000
    • 1.29.15-gke.1325000
    • 1.30.11-gke.1157000
    • 1.31.7-gke.1265000
    • 1.32.3-gke.1785003
    • 1.32.3-gke.1927002
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.28.15-gke.2169000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.2703000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.2169000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.15-gke.1240000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.11-gke.1217000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.7-gke.1390000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.3-gke.1927009 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Feature

In the Google Cloud console, the GKE security posture dashboard now uses Security Command Center to show thetop threats that affect your GKE workloads. This feature is inGeneral Availability.

May 22, 2025

Fixed

TheMay 13, 2025 issue in which GKE Autopilot clusters failed to update thecgroup_mode field is fixed in all GKE versions.

May 20, 2025

Feature

In GKE version 1.32.3-gke.1927002 and later, GKE uses a container-optimized compute platform for the general-purpose Autopilot compute class. This platform improves Pod scheduling latency, especially during autoscaling operations. The container-optimized compute platform provides benefits like faster scaling reaction times and more precise capacity right-sizing. For more information about the general-purpose compute class, seeAbout built-in compute classes in Autopilot clusters.

May 16, 2025

Change

(2025-R19) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.4-gke.1106000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.11-gke.1157000
    • 1.30.11-gke.1217000
    • 1.31.7-gke.1265000
    • 1.32.3-gke.1785003
    • 1.33.0-gke.1582000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.12-gke.1033000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.7-gke.1390000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.3-gke.1927002 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.12-gke.1033000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.7-gke.1390000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.3-gke.1927002 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.3-gke.1785003 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.11-gke.1131000
    • 1.31.7-gke.1212000
    • 1.32.2-gke.1297002
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.11-gke.1157000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.31.7-gke.1265000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.32.3-gke.1785003 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.11-gke.1157000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.7-gke.1265000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.3-gke.1785003 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.3-gke.1785003 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2664000
    • 1.27.16-gke.2732000
    • 1.28.15-gke.2121000
    • 1.28.15-gke.2192000
    • 1.29.14-gke.1067000
    • 1.29.15-gke.1274000
    • 1.30.11-gke.1131000
    • 1.31.7-gke.1212000
    • 1.32.2-gke.1297002
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.28.15-gke.2142000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.2682000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.2142000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.15-gke.1193000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.11-gke.1157000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.7-gke.1265000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.3-gke.1785003 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

May 13, 2025

Issue

GKE Autopilot clusters fail to update thecgroup_mode field and display the following error:

ERROR: (gcloud.container.clusters.update)    ResponseError: code=400,    message=INVALID_ARGUMENT: invalid node_pool_auto_config.linux_node_config.    Allowed fields are: ["cgroup_mode"]

This issue occurs in all GKE versions. A fix for this issue is in progress. For more information, seeMigrate nodes to Linux cgroupv2.

Feature

GKE now provides insights and recommendations that help you toidentify and troubleshoot clusters with Custom Resource Definitions that contain an invalid or malformed Certificate Authority bundle, which might disrupt cluster operations. Implementing the recommendation helps you to keep your clusters stable and performant.

May 12, 2025

Feature

In GKE version 1.33 and later, the Compute Engine persistent disk CSI Driver supports provisioning Hyperdisk Balanced High Availability volumes in theReadWriteOnce,ReadWriteOncePod, andReadWriteMany access modes. For more information, seeProvisioning Hyperdisk Balanced High Availability volumes.

May 09, 2025

Change

(2025-R18) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.3-gke.1927002 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.11-gke.1131000
    • 1.31.7-gke.1212000
    • 1.32.2-gke.1297002
    • 1.32.3-gke.1785000
    • 1.32.3-gke.1927000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.11-gke.1157000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.7-gke.1265000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.3-gke.1785003 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.11-gke.1157000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.7-gke.1265000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.3-gke.1785003 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.33 to version1.33.0-gke.1552000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.2-gke.1297002 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.10-gke.1070000
    • 1.31.6-gke.1064001
    • 1.32.2-gke.1182003
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.11-gke.1131000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.31.7-gke.1212000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.11-gke.1131000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.7-gke.1212000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.2-gke.1297002 with this release.

Stable channel

There are no new releases in the Stable channel.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.2-gke.1297002 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2650000
    • 1.27.16-gke.2703000
    • 1.28.15-gke.2097000
    • 1.28.15-gke.2169000
    • 1.29.15-gke.1240000
    • 1.30.10-gke.1070000
    • 1.31.6-gke.1064001
    • 1.32.2-gke.1182003
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.28.15-gke.2121000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.2664000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.2121000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.11-gke.1131000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.7-gke.1212000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.2-gke.1297002 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Announcement

1.33 is now available in the Rapid channel

Kubernetes 1.33 is now available in the Rapid channel. For more information about the content of Kubernetes 1.33, read theKubernetes 1.33 Release Notes.

Feature

New features in 1.33

Deprecated

Deprecated in 1.33

The gitRepo volume driver is deprecated and disabled for security reasons. For more information, seeKEP-5040.

Removed in 1.33

Thestatus.nodeInfo.kubeProxyVersion field in the Node API object is no longer populated in 1.33 and later. This field actually reported the kubelet version, not thekube-proxy version. You can usestatus.nodeInfo.kubeletVersion to get the kubelet version. For more information, seeKEP-4004.

Change

Other changes in 1.33

containerd 2.0 is supported. For more information, seeMigrate nodes to containerd 2.

May 08, 2025

Feature

ClusterProfile sync is now available to generate a cluster inventory for an existing fleet. A cluster inventory lets you work with open source and third party integrations that use theClusterProfile specification.

Feature

In GKE version 1.32 and later, GKE Sandbox (gVisor) can now be configured with SYS_ADMIN privileges in GKE Autopilot. This lets you useDocker-in-Docker with gVisor in GKE Autopilot.

May 02, 2025

Change

(2025-R17) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.2-gke.1297002 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.30.10-gke.1070000
    • 1.30.10-gke.1102000
    • 1.31.6-gke.1064001
    • 1.31.6-gke.1099001
    • 1.32.2-gke.1182003
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.11-gke.1131000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.7-gke.1212000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.2-gke.1297002 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.11-gke.1131000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.7-gke.1212000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.2-gke.1297002 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

April 28, 2025

Change

(2025-R16) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • The following versions are no longer available in the Regular channel:
    • 1.29.14-gke.1018000
    • 1.29.14-gke.1067000

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.2-gke.1182003 is now the default version for cluster creation in the Stable channel.
  • The following versions are no longer available in the Stable channel:
    • 1.29.13-gke.1038000
    • 1.29.13-gke.1169000

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

April 24, 2025

Deprecated

Saxml on GKE is de-prioritized beginning April 24, 2025. This means the project won't get further updates. Existing Saxml deployments will continue to function as is without disruption. Westrongly suggest that you migrate toJetStream, Google's up to date open source inference framework for high-performance LLM serving on TPUs and GPUs. JetStream offers continuous batching and quantization for better throughput and memory efficiency. For a migration example, seeServe Gemma using TPUs on GKE with JetStream.

April 18, 2025

Change

(2025-R15) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.2-gke.1182003 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.29.14-gke.1132000
    • 1.29.15-gke.1017000
    • 1.29.15-gke.1058000
    • 1.29.15-gke.1108000
    • 1.29.15-gke.1134000
    • 1.30.10-gke.1145000
    • 1.30.10-gke.1227000
    • 1.30.10-gke.1227001
    • 1.30.11-gke.1008001
    • 1.30.11-gke.1072000
    • 1.30.11-gke.1093000
    • 1.31.5-gke.1169001
    • 1.31.5-gke.1233001
    • 1.31.6-gke.1020001
    • 1.31.6-gke.1064000
    • 1.31.6-gke.1099000
    • 1.31.6-gke.1140000
    • 1.31.6-gke.1221000
    • 1.31.6-gke.1221001
    • 1.31.7-gke.1013001
    • 1.31.7-gke.1112000
    • 1.31.7-gke.1149000
    • 1.32.2-gke.1182001
    • 1.32.2-gke.1182002
    • 1.32.2-gke.1297001
    • 1.32.2-gke.1400003
    • 1.32.2-gke.1652000
    • 1.32.2-gke.1652003
    • 1.32.3-gke.1057001
    • 1.32.3-gke.1170000
    • 1.32.3-gke.1440000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.6-gke.1064001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.2-gke.1182003 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.6-gke.1064001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.2-gke.1182003 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.2-gke.1182003 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.30.10-gke.1022000
    • 1.31.6-gke.1020000
    • 1.31.6-gke.1064000
    • 1.32.1-gke.1357001
    • 1.32.2-gke.1182001
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.10-gke.1070000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.31.6-gke.1064001 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.10-gke.1070000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.6-gke.1064001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.2-gke.1182003 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.6-gke.1064001 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.29.13-gke.1109000
    • 1.30.9-gke.1127000
    • 1.30.9-gke.1201000
    • 1.30.10-gke.1022000
    • 1.31.5-gke.1169000
    • 1.31.5-gke.1233000
    • 1.31.6-gke.1020000
    • 1.31.6-gke.1064000
    • 1.32.2-gke.1182001
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.10-gke.1070000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.10-gke.1070000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.6-gke.1064001 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.2-gke.1182003 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2451000
    • 1.27.16-gke.2477000
    • 1.27.16-gke.2528000
    • 1.27.16-gke.2573000
    • 1.27.16-gke.2650000
    • 1.28.15-gke.1844000
    • 1.28.15-gke.1881000
    • 1.28.15-gke.1940000
    • 1.28.15-gke.2003000
    • 1.28.15-gke.2097000
    • 1.30.10-gke.1022000
    • 1.31.6-gke.1020000
    • 1.31.6-gke.1064000
    • 1.32.1-gke.1357001
    • 1.32.2-gke.1182001
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.2595000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.2027000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.10-gke.1070000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.6-gke.1064001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.2-gke.1182003 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.2-gke.1182003 is now the default version for cluster creation.
  • The following versions are now available:
  • The following node versions are now available:
  • The following versions are no longer available:
    • 1.29.13-gke.1109000
    • 1.29.14-gke.1132000
    • 1.29.15-gke.1017000
    • 1.29.15-gke.1058000
    • 1.29.15-gke.1108000
    • 1.29.15-gke.1134000
    • 1.30.9-gke.1046000
    • 1.30.9-gke.1201000
    • 1.30.10-gke.1022000
    • 1.30.10-gke.1145000
    • 1.30.10-gke.1227000
    • 1.30.10-gke.1227001
    • 1.30.11-gke.1008001
    • 1.30.11-gke.1072000
    • 1.30.11-gke.1093000
    • 1.31.5-gke.1169000
    • 1.31.5-gke.1169001
    • 1.31.5-gke.1233000
    • 1.31.5-gke.1233001
    • 1.31.6-gke.1020001
    • 1.31.6-gke.1064000
    • 1.31.6-gke.1099000
    • 1.31.6-gke.1140000
    • 1.31.6-gke.1221000
    • 1.31.6-gke.1221001
    • 1.31.7-gke.1013001
    • 1.31.7-gke.1112000
    • 1.31.7-gke.1149000
    • 1.32.1-gke.1729000
    • 1.32.2-gke.1182002
    • 1.32.2-gke.1297001
    • 1.32.2-gke.1400003
    • 1.32.2-gke.1652000
    • 1.32.2-gke.1652003
    • 1.32.3-gke.1057001
    • 1.32.3-gke.1170000
    • 1.32.3-gke.1440000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version1.30.10-gke.1070000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version1.30.10-gke.1070000 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.31 to version1.31.6-gke.1064001 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.32 to version1.32.2-gke.1182003 with this release.

April 17, 2025

Feature

GKE Inference Gateway is now available to significantly improve the performance, efficiency, and observability of generative AI workloads on GKE.

GKE Inference Gateway provides:

  • Improved performance: AI serving tail latency is reduced, and AI serving throughput is increased through inference-optimized load balancing.
  • Efficient resource utilization: Enables dense multi-workload serving of multiple LoRA fine-tuned models on a shared accelerator, leading to higher GPU/TPU utilization.
  • Simplified operations: Features include model-aware routing, model-specific serving priority, and integrated AI Safety.
  • Enhanced observability: Golden signals of observability are provided for inference requests.

April 08, 2025

Change

(2025-R14) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

There are no new releases in the Regular channel.

Stable channel

There are no new releases in the Stable channel.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

April 03, 2025

Feature

GKE now provides insights and recommendations that help youidentify workloads without resource requests or limits so that you can specify the resource needs for these workloads. Configuring CPU and memory requests and limits for containers is thebest practice for improving reliability and performance, and is a necessary prerequisite for understanding and optimizing resource utilization by your workloads and their cost.

April 02, 2025

Change

(2025-R13) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

There are no new releases in the Regular channel.

Stable channel

There are no new releases in the Stable channel.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Feature

Automatic application monitoring is now generally available in GKE versions 1.28 and later. When configured on GKE clusters, this feature automatically collects key metrics with Google Cloud Managed Service for Prometheus and provides out-of-the-box dashboards for monitoring the supported workloads. Automatic application monitoring supports six new AI model servers (NVIDIA Triton, vLLM, TGI, JetStream, TorchServe and TensorFlow Serving). For more information, seeConfigure automatic application monitoring.

March 28, 2025

Feature

In version 1.32.1-gke.1729000 and later, you can customize specific kubelet and Linux kernel parameters like sysctls and huge pages by using thenodeSystemConfig field in your GKE compute classes. Additionally, you can now specify default values for fields that are omitted in individual rules in a compute class by using thepriorityDefaults field. For details, seeAbout custom compute classes.

March 26, 2025

Change

(2025-R12) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

There are no new releases in the Regular channel.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

March 21, 2025

Feature

All GKE clusters now export four new rollup metrics by default at no additional charge. These new metrics are for monitoring GKE TPU NodePools and JobSets:

  • kubernetes.io/node_pool/accelerator/times_to_recover: Distribution of recovery period durations. Each sample indicates a single recovery operation for the NodePool to recover from a downtime period. The data is sampled within 60s after the completion of NodePool recovery, and emitted within 24h. This metric does not include a sample for downtime period longer than 7 days. This metric is only applicable for GKE multi-host TPU node pools.

  • kubernetes.io/jobset/times_between_interruptions: Distribution of times between the end of last interruption and beginning of current interruption for a JobSet. Each sample indicates a single duration between last and current interruption. The data is sampled within 60s after the current interruption starts, and emitted within 24h. The metric does not include a sample for duration between interruptions longer than 7 days. This metric is only applicable for JobSets running on nodes with GPU/TPU and having a single replicated job.

  • kubernetes.io/jobset/times_to_recover: Distribution of recovery period durations. Each sample indicates a single recovery operation for the JobSet to recover from a downtime period. The data is sampled within 60s after the completion of JobSet recovery, and emitted within 24h. This metric does not include samples for downtime periods longer than 7 days. This metric is only applicable for JobSets running on nodes with GPU/TPU and having a single replicated job.

  • kubernetes.io/jobset/uptime: Total time the JobSet has been available. The data is sampled every 60s and emitted within 24h after sampling. This metric is only applicable for JobSets running on nodes with GPU/TPU and having a single replicated job.

Feature

Starting in GKE version 1.32.1-gke.1729000, Autopilot clusters will automatically use the newPerformance HPA Profile. This new profile enables faster autoscaling on CPU and Memory metrics for up to 1,000HorizontalPodAutoscaler objects by routing autoscaling metrics through thegke-metrics-agent Daemonset. If desired, users can revert to the old autoscaling profile bydisabling the Peformance HPA Profile.

Feature

In GKE version 1.32.2-gke.1652000 and later, new external LoadBalancer Services use zonal Network Endpoint Group (NEG) backends by default. This applies only to new backend service-based external LoadBalancer Services. Existing LoadBalancer Services are not affected. To learn more, seeCreate a backend service-based external load balancer.

March 19, 2025

Change

(2025-R11) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.2-gke.1182001 is now available in the Regular channel.
  • Version 1.32.2-gke.1182000 is no longer available in the Regular channel.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

March 18, 2025

Fixed

On GKE clusters running versions 1.32.2-gke.1182000 to 1.32.2-gke.1297000, Pods using Cloud Storage FUSE CSI driver volumes (persistent or CSI ephemeral) fail to schedule when both of the following are true:

The fix is available on GKE cluster version 1.32.2-gke.1297001 or later.

March 14, 2025

Feature

JobSet metrics are automatically available on new GKE Standard and Autopilot clusters starting from version 1.32.1-gke.1357001 or later. For existing clusters, you can upgrade your clusters and manually enable the JobSet metrics package. For more details on the list of JobSet metrics, seeJobSet metrics.

March 12, 2025

Change

(2025-R10) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.2-gke.1182000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.29.14-gke.1018000
    • 1.30.10-gke.1022000
    • 1.31.6-gke.1020000
    • 1.32.1-gke.1357001
    • 1.32.1-gke.1729000
    • 1.32.2-gke.1297000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.14-gke.1067000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.10-gke.1070000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.6-gke.1064000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.32.2-gke.1182000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.14-gke.1067000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.10-gke.1070000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.6-gke.1064000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.2-gke.1182000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.6-gke.1020000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.29.13-gke.1169000
    • 1.30.9-gke.1201000
    • 1.31.5-gke.1233000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.14-gke.1018000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.10-gke.1022000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.31.6-gke.1020000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.14-gke.1018000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.10-gke.1022000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.6-gke.1020000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.9-gke.1127000 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.30.9-gke.1046000
    • 1.31.5-gke.1068000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.9-gke.1127000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.9-gke.1127000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.5-gke.1169000 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.6-gke.1020000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2270000
    • 1.27.16-gke.2489000
    • 1.28.15-gke.1781000
    • 1.28.15-gke.1897000
    • 1.29.13-gke.1169000
    • 1.30.9-gke.1201000
    • 1.31.5-gke.1233000
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.2451000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.1844000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.14-gke.1018000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.10-gke.1022000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.6-gke.1020000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

March 07, 2025

Feature

GKE now allows you to enable logging of Horizontal Pod Autoscaler decisions starting from GKE version 1.31.5-gke.1090000 or later, or version 1.32.1-gke.1260000 or later. These logs includeatomic recommendations (based on individual metrics) andfinal recommendations (consolidated HPA decisions). The logs are stored in Cloud Logging and offer insights into the decision-making process of the Horizontal Pod Autoscaler.

Feature

You can nowmonitor startup latency of Kubernetes workloads and nodes using the newStartup Latency dashboard available in the Observability tab on the Deployment details and Cluster details pages in the GKE Console. The dashboard is useful for tracking, troubleshooting and optimizing startup latency of your GKE workloads.

March 05, 2025

Change

(2025-R09) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.5-gke.1233000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.29.13-gke.1109000
    • 1.30.9-gke.1127000
    • 1.31.5-gke.1169000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.13-gke.1169000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.9-gke.1201000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.13-gke.1169000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.9-gke.1201000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.5-gke.1233000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.9-gke.1046000 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.29.13-gke.1006000
    • 1.30.9-gke.1009000
    • 1.31.5-gke.1023000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.13-gke.1038000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.9-gke.1046000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.13-gke.1038000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.9-gke.1046000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.5-gke.1068000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.32 to version1.32.1-gke.1357001 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.5-gke.1233000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2477000
    • 1.28.15-gke.1641000
    • 1.28.15-gke.1881000
    • 1.29.13-gke.1109000
    • 1.30.9-gke.1127000
    • 1.31.5-gke.1169000
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.1781000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.13-gke.1169000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.9-gke.1201000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.5-gke.1233000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Security

The Envoy project recently announced several new security vulnerabilities (CVE-2024-53269, CVE-2024-53270, and CVE-2024-53271) that could allow an attacker to crash Envoy.

For more details, see theGCP-2025-009 security bulletin.

March 04, 2025

Feature

Theeurope-north2 region in Stockholm, Sweden is now available. For more information, see theGlobal Locations.

February 28, 2025

Feature

New recommendations ofNODE_SA_MISSING_PERMISSIONS subtype are added to the portfolio ofGKE Recommendations. Use the new recommendations toidentify clusters with node service accounts missing IAM permissions that are critical for normal cluster operations.

If your organization has a policy todisable automatic role grants to default service accounts, the createddefault GKE node service account will not get the necessary permissions. Missing critical permissions can degrade your essential cluster operations, such as logging and monitoring.

February 27, 2025

Feature

The GKE Autopilot partner program now lets partners create and manage allowlists that correspond to specific partner workloads. In GKE version 1.32.1-gke.1729000 and later, you can explicitly install allowlists in your clusters to run only the partner solutions that you need.

To learn more, seeRun privileged workloads from GKE Autopilot partners.

February 26, 2025

Change

(2025-R08) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.1-gke.1729000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.29.13-gke.1109000
    • 1.29.13-gke.1169000
    • 1.30.9-gke.1201000
    • 1.30.9-gke.1231000
    • 1.31.5-gke.1169000
    • 1.31.5-gke.1233000
    • 1.32.1-gke.1489001
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.14-gke.1018000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.10-gke.1022000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.6-gke.1020000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.14-gke.1018000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.10-gke.1022000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.6-gke.1020000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.5-gke.1169000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.29.13-gke.1038000
    • 1.30.9-gke.1046000
    • 1.31.5-gke.1068000
    • 1.32.1-gke.1200003
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.13-gke.1109000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.9-gke.1127000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.13-gke.1109000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.9-gke.1127000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.5-gke.1169000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.1-gke.1357001 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.9-gke.1009000 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.29.12-gke.1270000
    • 1.30.8-gke.1261000
    • 1.31.4-gke.1372000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.13-gke.1006000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.9-gke.1009000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.13-gke.1006000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.9-gke.1009000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.5-gke.1023000 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.5-gke.1169000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2440000
    • 1.28.15-gke.1612000
    • 1.28.15-gke.1844000
    • 1.29.13-gke.1038000
    • 1.30.9-gke.1046000
    • 1.31.5-gke.1068000
    • 1.32.1-gke.1200003
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.1641000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.13-gke.1109000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.9-gke.1127000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.5-gke.1169000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.1-gke.1357001 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

February 25, 2025

Feature

Three new metrics are added for checking node and node pool status:

  • kubernetes.io/node/status_condition: The condition of a node from the node status condition field. TheReady field hasUnknown status if the node controller has not heard from the node in the lastnode-monitor-grace-period period. This metric is available for clusters with GKE version 1.32.1-gke.1260000 and later.

  • kubernetes.io/node_pool/multi_host/available: The multi-host NodePool availability. Whenall the nodes in the node pool are available, the value isTrue. If any of the nodes in the node pool are unavailable, the value isFalse. This metric is available for Multi-host TPU node pools only.

  • kubernetes.io/node_pool/status: The current status of the node pool from theNodePool instance. Status updates happen after GKE API operations complete. This metric is available for Multi-host TPU node pools only.

February 21, 2025

Change

In GKE version 1.33 and later, if you omit thewhenUnsatisfiable field in a new GKE compute class specification, the default value isDoNotScaleUp.

In GKE versions earlier than 1.33, the default value isScaleUpAnyway. Ensure that your compute class specifications explicitly set a value in thewhenUnsatisfiable field after you upgrade to version 1.33. This change only affects newComputeClass objects that you create that omit thewhenUnsatisfiable field. Any existing compute classes that omit the field continue to useScaleUpAnyway as the default value even after you upgrade the cluster to version 1.33 or later.

To learn more about thewhenUnsatisfiable field, seeDefine scaling behavior when no priority rules apply.

February 20, 2025

Change

New GKE 1.27 patch versions starting with version 1.27.16-gke.2440000 are built with COS 109, because COS 105 is near the end of support. GKE makes new 1.27 patch versions available using COS 109. However, GKE won't auto-upgrade nodes across the COS milestone boundary, from a patch version using COS 105 to a patch version using COS 109.

If you manually upgrade your nodes to 1.27.16-gke.2440000 or later, GKE continues node auto-upgrades as normal. Control plane upgrades are unaffected, and cluster auto-upgrades to the next minor version towards the end of extended support proceed as normal.

To learn more, seeContainer-Optimized OS updates during the extended support period.

Feature

GKE Managed NVIDIA Data Center GPU Manager (DCGM) Metrics Package is now generally available for both GKE Standard and Autopilot clusters running version 1.32.0-gke.1764000 and later. You can enable the feature via the Console, gcloud, or Terraform. Starting with cluster version 1.32.1-gke.1357000, GKE Managed NVIDIA DCGM will be default-on for new clusters.

GKE Managed DCGM provides a curated set of metrics for monitoring the utilization, performance, and health of NVIDIA GPUs. These metrics are collected by Google Cloud Managed Service for Prometheus and you can view the metric charts in the Observability Tab on the Kubernetes Clusters page or in Cloud Monitoring. For more information, see Collect and view DCGM metrics.

To learn more, seeCollect and view DCGM metrics.

Feature

GKE automatically adds the following resource labels to node pools:

  • goog-gke-accelerator-type: The accelerator type used in the node pool.
  • goog-gke-tpu-node-pool-type: The TPU node pool type, which can be single-host or multi-host.
  • goog-gke-node-pool-provisioning-model: The provisioning model of the node pool. The nodes can be on demand, by reservation, or Spot VMs.

To learn more, seeAutomatically applied labels.

February 19, 2025

Change

Starting on July 1, 2025, new organizations will no longer be able to create GKE clusters withIdentity Service for GKE. You can continue to use Identity Service for GKE in existing organizations, but we encourage you to migrate toWorkforce Identity Federation.

Workforce Identity Federation is the recommended method for configuring access to your GKE clusters from external identity providers. Workforce Identity Federation provides a single hosted solution for managing external IdPs across Google Cloud products. Unlike Identity Service for GKE, Workforce Identity Federation doesn't install components in your cluster.

For details and migration instructions, seeUse external identity providers to authenticate to GKE.

February 18, 2025

Change

(2025-R07) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.1-gke.1489001 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.29.13-gke.1038000
    • 1.30.9-gke.1046000
    • 1.30.9-gke.1127000
    • 1.31.5-gke.1068000
    • 1.32.1-gke.1200003
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.13-gke.1109000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.9-gke.1201000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.5-gke.1169000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.13-gke.1109000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.9-gke.1201000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.5-gke.1169000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.1-gke.1357001 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.5-gke.1068000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.29.13-gke.1006000
    • 1.30.9-gke.1009000
    • 1.31.5-gke.1023000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.13-gke.1038000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.9-gke.1046000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.13-gke.1038000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.9-gke.1046000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.5-gke.1068000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.8-gke.1261000 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.29.12-gke.1143001
    • 1.30.8-gke.1162001
    • 1.31.4-gke.1256000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.12-gke.1270000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.8-gke.1261000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.12-gke.1270000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.8-gke.1261000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.4-gke.1372000 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

February 11, 2025

Change

(2025-R06) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.32.1-gke.1200003 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.28.15-gke.1641000
    • 1.28.15-gke.1673000
    • 1.28.15-gke.1720000
    • 1.29.13-gke.1006000
    • 1.30.9-gke.1009000
    • 1.31.5-gke.1023000
    • 1.32.0-gke.1448000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.13-gke.1038000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.9-gke.1046000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.5-gke.1068000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.13-gke.1038000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.9-gke.1046000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.5-gke.1068000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.5-gke.1023000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.28.15-gke.1612000
    • 1.28.15-gke.1641000
    • 1.29.12-gke.1270000
    • 1.30.8-gke.1261000
    • 1.31.4-gke.1372000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.13-gke.1006000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.9-gke.1009000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.13-gke.1006000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.9-gke.1009000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.5-gke.1023000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.32 to version1.32.1-gke.1200003 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.8-gke.1162001 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.28.15-gke.1480000
    • 1.28.15-gke.1503000
    • 1.29.12-gke.1120001
    • 1.30.8-gke.1128001
    • 1.30.8-gke.1162000
    • 1.31.4-gke.1183000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.12-gke.1143001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.8-gke.1162001 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.12-gke.1143001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.8-gke.1162001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.4-gke.1256000 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.5-gke.1023000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2246000
    • 1.27.16-gke.2342000
    • 1.29.12-gke.1270000
    • 1.30.8-gke.1261000
    • 1.31.4-gke.1372000
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.2270000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.13-gke.1006000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.9-gke.1009000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.5-gke.1023000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.32 to version1.32.1-gke.1200003 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

February 06, 2025

Change

(2025-R05) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.5-gke.1068000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.28.15-gke.1612000
    • 1.29.12-gke.1270000
    • 1.30.9-gke.1027000
    • 1.31.4-gke.1372000
    • 1.32.0-gke.1538000
    • 1.32.1-gke.1200000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.15-gke.1641000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.13-gke.1006000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.5-gke.1023000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.15-gke.1641000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.13-gke.1006000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.5-gke.1023000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.1-gke.1200003 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.4-gke.1372000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.28.15-gke.1503000
    • 1.29.12-gke.1143000
    • 1.29.12-gke.1143001
    • 1.30.8-gke.1162000
    • 1.30.8-gke.1162001
    • 1.31.4-gke.1256000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.15-gke.1612000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.12-gke.1270000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.8-gke.1261000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.15-gke.1612000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.12-gke.1270000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.8-gke.1261000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.4-gke.1372000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.8-gke.1128001 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.28.15-gke.1435000
    • 1.29.12-gke.1055000
    • 1.29.12-gke.1055001
    • 1.30.8-gke.1051000
    • 1.30.8-gke.1051001
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.28.15-gke.1480000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.12-gke.1120001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.8-gke.1128001 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.15-gke.1480000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.12-gke.1120001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.8-gke.1128001 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.4-gke.1372000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2142000
    • 1.27.16-gke.2296000
    • 1.28.15-gke.1503000
    • 1.29.12-gke.1143000
    • 1.29.12-gke.1143001
    • 1.30.8-gke.1162000
    • 1.30.8-gke.1162001
    • 1.31.4-gke.1256000
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.2246000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.1612000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.12-gke.1270000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.8-gke.1261000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.4-gke.1372000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Feature

Weighted load balancing for GKE External LoadBalancer Services is now generally available on GKE clusters running version 1.31.0-gke.1506000 or later. Weighted load balancing is a more efficient way to distribute traffic to nodes based on the number of serving Pods they have backing the Service.

To learn more, seeWeighted load balancing.

February 04, 2025

Fixed

A bug in theimage streaming feature caused authentication-related failures in specific scenarios when the workload tried to access container image data. This bug has been fixed in the following GKE versions:

  • 1.32.0-gke.1448000 and above.
  • 1.31.4-gke.1183000 and above.
  • 1.30.8-gke.1261000 and above.
Security

A security vulnerability was discovered in the Google Secret Manager Provider for Secret Store CSI Driver. This vulnerability could allow an attacker to gain access to the Kubernetes service account token of the CSI driver.

For more details, seeGCP-2025-006 security bulletin.

Feature

GKE cluster notifications have the following new capabilities:

For more details about the different types of cluster notifications GKE sends and how you can receive them, seeCluster notifications.

February 03, 2025

Change

Starting on February 3, 2025, GKE will create a new service agent namedservice-{PROJECT_NUMBER}@gcp-sa-gkenode.iam.gserviceaccount.com that the GKE system workloads that run on your worker nodes can use. This service agent will only have the minimum permissions that GKE needs to operate these nodes by default, and will help to isolate the requirements of GKE-managed workloads from the requirements of your workloads. GKE-managed system workloads will begin using this service agent in an upcoming GKE version, which we'll announce in a separate release note.

January 30, 2025

Deprecated

Starting on January 28, 2025, the following Preview features are deprecated:

  • GKE threat detection
  • Supply chain concerns - Binary Authorization
  • GKE Compliance dashboard

For deprecation and removal dates, and for information about alternatives, seePosture management deprecations.

January 29, 2025

Change

(2025-R04) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.5-gke.1023000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.28.15-gke.1503000
    • 1.29.12-gke.1143000
    • 1.30.8-gke.1261000
    • 1.30.8-gke.1282000
    • 1.31.4-gke.1256000
    • 1.32.1-gke.1002000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.15-gke.1612000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.12-gke.1270000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.9-gke.1009000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.4-gke.1372000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.15-gke.1612000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.12-gke.1270000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.9-gke.1009000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.4-gke.1372000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.4-gke.1256000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.28.15-gke.1480000
    • 1.29.12-gke.1120000
    • 1.30.8-gke.1128000
    • 1.31.4-gke.1183000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.15-gke.1503000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.12-gke.1143000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.8-gke.1162000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.15-gke.1503000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.12-gke.1143000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.8-gke.1162000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.4-gke.1256000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.8-gke.1051000 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.28.15-gke.1342000
    • 1.29.10-gke.1280000
    • 1.30.5-gke.1713000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.28.15-gke.1435000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.12-gke.1055000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.8-gke.1051000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.15-gke.1435000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.12-gke.1055000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.8-gke.1051000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.31 to version1.31.4-gke.1183000 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.4-gke.1256000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2122000
    • 1.27.16-gke.2270000
    • 1.28.15-gke.1480000
    • 1.29.12-gke.1120000
    • 1.30.8-gke.1128000
    • 1.31.4-gke.1183000
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.2142000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.1503000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.12-gke.1143000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.8-gke.1162000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.4-gke.1256000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

January 23, 2025

Change

(2025-R03) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.4-gke.1372000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.28.15-gke.1480000
    • 1.29.12-gke.1120000
    • 1.30.8-gke.1162000
    • 1.30.8-gke.1224000
    • 1.31.4-gke.1183000
    • 1.32.0-gke.1709000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.15-gke.1503000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.12-gke.1143000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.8-gke.1261000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.4-gke.1256000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.15-gke.1503000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.12-gke.1143000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.8-gke.1261000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.4-gke.1256000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.4-gke.1183000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.28.15-gke.1435000
    • 1.29.12-gke.1055000
    • 1.30.8-gke.1051000
    • 1.31.3-gke.1162000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.15-gke.1480000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.12-gke.1120000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.8-gke.1128000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.15-gke.1480000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.12-gke.1120000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.8-gke.1128000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.4-gke.1183000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.4-gke.1183000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2081000
    • 1.27.16-gke.2246000
    • 1.28.15-gke.1435000
    • 1.29.12-gke.1055000
    • 1.30.8-gke.1051000
    • 1.31.3-gke.1162000
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.2122000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.1480000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.12-gke.1120000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.8-gke.1128000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.4-gke.1183000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Feature

You can nowcustomize a node system configuration with the following new kubelet and sysctl configuration options:

  • Kubelet

    • containerLogMaxSize
    • containerLogMaxFiles
    • imageGcLowThresholdPercent
    • imageGcHighThresholdPercent
    • imageMinimumGcAge
    • imageMaximumGcAge (1.30.7-gke.1076000 and later, 1.31.3-gke.1023000 and later)
    • allowedUnsafeSysctls (1.32.0-gke.1448000 and later)

  • Sysctl

    • kernel.shmmni
    • kernel.shmmax
    • kernel.shmall
    • net.netfilter.nf_conntrack_acct (1.32.0-gke.1448000 and later)
    • net.netfilter.nf_conntrack_max (1.32.0-gke.1448000 and later)
    • net.netfilter.nf_conntrack_buckets (1.32.0-gke.1448000 and later)
    • net.netfilter.nf_conntrack_tcp_timeout_close_wait (1.32.0-gke.1448000 and later)
    • net.netfilter.nf_conntrack_tcp_timeout_established (1.32.0-gke.1448000 and later)
    • net.netfilter.nf_conntrack_tcp_timeout_time_wait (1.32.0-gke.1448000 and later)

To learn more, seeKubelet configuration options andSysctl configuration options.

Feature

User-managed firewall rules for GKE LoadBalancer Services is now generally available on GKE clusters running version 1.31.3-gke.1056000 or later. By allowing user-managed firewall rules for GKE LoadBalancer Services, advanced firewall policies can now be configured to control ingress traffic to your GKE Services exposed with passthrough network load balancers. To learn more, seeUser-managed firewall rules for GKE LoadBalancer Services.

Change

Starting with GKE version 1.32.1-gke.1002000, the default OS image for Ubuntu is updated from Ubuntu 22.04 to Ubuntu 24.04.

January 21, 2025

Feature

You can now use A3 Ultra VM powered by NVIDIA H200 Tensor Core GPUs with our new Titanium ML network adapter, which delivers non-blocking 3.2 Tbps of GPU-to-GPU traffic with RDMA over Converged Ethernet (RoCE).

A3 Ultra VMs are generally available in thea3-ultragpu-8g machine type and can be used through both the modes of operation in Google Kubernetes Engine (GKE):

January 16, 2025

Deprecated

With minor version 1.33, GKE nodes use containerd 2.0, which removes support for Docker Schema 1 images and the CRI v1alpha2 API. GKE pauses automatic upgrades to 1.33 when it detects that a cluster uses the deprecated features. To prepare for this change, seeMigrate nodes to containerd 2.

January 14, 2025

Change

(2025-R02) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.8-gke.1051000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.28.15-gke.1342000
    • 1.28.15-gke.1362000
    • 1.29.10-gke.1280000
    • 1.30.6-gke.1596000
    • 1.30.7-gke.1084000
    • 1.31.1-gke.2105000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.15-gke.1435000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.12-gke.1055000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.8-gke.1051000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.15-gke.1435000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.12-gke.1055000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.8-gke.1051000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.3-gke.1162000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.5-gke.1713000 is now the default version for cluster creation in the Stable channel.
  • The following versions are no longer available in the Stable channel:
    • 1.28.15-gke.1020000
    • 1.29.10-gke.1054000
    • 1.29.10-gke.1155000
    • 1.30.5-gke.1699000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.28.15-gke.1342000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.10-gke.1280000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.5-gke.1713000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.15-gke.1342000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.10-gke.1280000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.5-gke.1713000 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.8-gke.1051000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.2142000
    • 1.28.15-gke.1342000
    • 1.28.15-gke.1362000
    • 1.29.10-gke.1280000
    • 1.30.6-gke.1596000
    • 1.30.7-gke.1084000
    • 1.31.1-gke.2105000
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.1435000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.12-gke.1055000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.8-gke.1051000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.3-gke.1162000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

January 09, 2025

Security

A security issue impacted resources in VPCs with GKE Multi-Cluster Gateway (MCG) configured. MCG is an optional feature that is used by a small subset of GKE customers. We are individually notifying customers who had the feature enabled during that time period.

For more details, see theGCP-2025-001 security bulletin.

January 07, 2025

Change

(2025-R01) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.4-gke.1183000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.28.15-gke.1342000
    • 1.28.15-gke.1362000
    • 1.28.15-gke.1388000
    • 1.28.15-gke.1435000
    • 1.29.10-gke.1280000
    • 1.29.11-gke.1012000
    • 1.29.11-gke.1045000
    • 1.29.12-gke.1055000
    • 1.30.6-gke.1596000
    • 1.30.7-gke.1084000
    • 1.30.7-gke.1136000
    • 1.30.8-gke.1051000
    • 1.31.3-gke.1006000
    • 1.31.3-gke.1056000
    • 1.31.3-gke.1121001
    • 1.31.3-gke.1162000
    • 1.31.4-gke.1072000
    • 1.31.4-gke.1177000
    • 1.32.0-gke.1358000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.15-gke.1480000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.12-gke.1120000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.8-gke.1128000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.4-gke.1183000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.15-gke.1480000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.12-gke.1120000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.8-gke.1128000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.4-gke.1183000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.32 to version1.32.0-gke.1448000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.6-gke.1596000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.28.15-gke.1159000
    • 1.29.10-gke.1227000
    • 1.30.6-gke.1125000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.15-gke.1342000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.10-gke.1280000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.6-gke.1596000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.15-gke.1342000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.10-gke.1280000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.6-gke.1596000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.6-gke.1596000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.1836000
    • 1.27.16-gke.2027000
    • 1.27.16-gke.2051000
    • 1.28.15-gke.1159000
    • 1.29.10-gke.1227000
    • 1.30.6-gke.1125000
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.2081000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.1342000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.10-gke.1280000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.6-gke.1596000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

December 26, 2024

Change

(2024-R50) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

There are no new releases in the Regular channel.

Stable channel

There are no new releases in the Stable channel.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

December 18, 2024

Change

(2024-R49) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

There are no new releases in the Regular channel.

Stable channel

There are no new releases in the Stable channel.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

December 17, 2024

Feature

New features

Deprecated

Deprecated in Kubernetes 1.32

  • The following Beta versions of graduated APIs weredeprecated in 1.29 and removed in 1.32 in favor of newer versions:

    • flowcontrol.apiserver.k8s.io/v1beta3 FlowSchema, PriorityLevelConfiguration
      • deprecated since 1.29, will no longer be served in 1.32,
      • instead, useflowcontrol.apiserver.k8s.io/v1, available since 1.29.

  • Thestatus.nodeInfo.kubeProxyVersion field in the Node API is deprecated and will not be populated starting in v1.33. The field is currently populated with the kubelet version, not the kube-proxy version, and might not accurately reflect the kube-proxy version in use. For more information, seeKEP-4004.

Announcement

1.32 is now available in the Rapid channel

Kubernetes 1.32 is now available in the Rapid channel. For more information about the content of Kubernetes 1.32, read theKubernetes 1.32 Release Notes.

December 16, 2024

Feature

Cloud DNS additive VPC scope is now generally available on GKE clusters running version1.28.3-gke.1430000 or later. You can now configure your GKE clusters to add GKE headless service entries to your Cloud DNS private zone visible from your VPC networks, on top of using Cloud DNS (cluster scope) as your GKE DNS provider.

To learn more, readCloud DNS scopes for GKE.

Feature

Trillium, our sixth-generation TPU, is now generally available. Support is available for GKE Standard clusters in version1.31.1-gke.1846000 or later, and Autopilot clusters in version1.31.2-gke.1384000 or later. You can use TPU Trillium in theus-east5-b,europe-west4-a,us-east1-d,asia-northeast1-b, andus-south1-a zones.

To learn more, seeBenefits of using TPU Trillium.

December 13, 2024

Feature

GKE now provides insights and recommendations that help you identify and amend clusters running a minor version that reachedend of standard support, clusters with nodes inviolation of version skew policy, and clusterswithout a maintenance window to achieve reliable operations, up-to-date security posture and supportability.

Feature

The C4A machine family is generally available in the following versions:

  • Standard clusters in version1.28.13-gke.1024000,1.29.8-gke.1057000,1.30.4-gke.1213000 or later. To use this family in GKE Standard, you can use the--machine-type flag when creating a cluster or node pool.

  • Autopilot clusters in1.28.15-gke.1344000,1.29.11-gke.1012000,1.30.7-gke.1136000,1.31.3-gke.1056000 or later. To use this family in GKE Autopilot, schedule your workloads along with thekubernetes.io/machine-family: c4a node selector. In versions1.31 or above, thekubernetes.io/arch: arm64 node selector would default to C4A machine family.

Cluster autoscaler and node auto-provisioning are supported in1.28.15-gke.1344000,1.29.11-gke.1012000,1.30.7-gke.1136000,1.31.3-gke.1056000 or later.

Local SSD support is available for PublicPreview from1.31.1-gke.2008000. Contact your Account Team to participate in the preview.

December 12, 2024

Change

(2024-R48) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.6-gke.1125000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.28.15-gke.1020000
    • 1.28.15-gke.1080000
    • 1.29.10-gke.1054000
    • 1.29.10-gke.1155000
    • 1.30.5-gke.1699000
    • 1.30.5-gke.1713000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.15-gke.1159000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.10-gke.1227000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.6-gke.1125000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.15-gke.1159000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.10-gke.1227000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.6-gke.1125000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.5-gke.1699000 is now the default version for cluster creation in the Stable channel.
  • The following versions are no longer available in the Stable channel:
    • 1.28.14-gke.1340000
    • 1.29.9-gke.1496000
    • 1.30.5-gke.1443001
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.28.15-gke.1020000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.10-gke.1054000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.5-gke.1699000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.15-gke.1020000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.10-gke.1054000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.5-gke.1699000 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.6-gke.1125000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.1784000
    • 1.28.15-gke.1020000
    • 1.28.15-gke.1080000
    • 1.29.10-gke.1054000
    • 1.29.10-gke.1155000
    • 1.30.5-gke.1699000
    • 1.30.5-gke.1713000
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.1836000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.1159000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.10-gke.1227000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.6-gke.1125000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Change

Starting with GKE version 1.33, clusters runningcgroupv1 will automatically be upgraded tocgroupv2 unless you opt out first. For more information, seeMigrate nodes to cgroupv2.

December 10, 2024

Change

(2024-R47) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.3-gke.1006000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.28.15-gke.1020000
    • 1.28.15-gke.1041000
    • 1.28.15-gke.1080000
    • 1.28.15-gke.1159000
    • 1.29.10-gke.1054000
    • 1.29.10-gke.1071000
    • 1.29.10-gke.1155000
    • 1.29.10-gke.1227000
    • 1.30.5-gke.1699000
    • 1.30.5-gke.1713000
    • 1.30.6-gke.1059000
    • 1.30.6-gke.1125000
    • 1.31.1-gke.2105000
    • 1.31.2-gke.1354000
    • 1.31.2-gke.1384000
    • 1.31.2-gke.1518000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.15-gke.1342000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.10-gke.1280000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.6-gke.1596000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.3-gke.1006000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.15-gke.1342000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.10-gke.1280000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.6-gke.1596000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.3-gke.1006000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.5-gke.1699000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.28.14-gke.1340000
    • 1.28.14-gke.1376000
    • 1.29.9-gke.1496000
    • 1.29.9-gke.1541000
    • 1.30.5-gke.1443001
    • 1.31.1-gke.1846000
    • 1.31.1-gke.2008000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.15-gke.1020000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.10-gke.1054000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.5-gke.1699000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.15-gke.1020000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.10-gke.1054000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.5-gke.1699000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.1-gke.2105000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.5-gke.1443001 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.28.14-gke.1099000
    • 1.28.14-gke.1217000
    • 1.29.9-gke.1177000
    • 1.30.5-gke.1014003
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.28.14-gke.1340000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.9-gke.1496000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.5-gke.1443001 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.14-gke.1340000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.9-gke.1496000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.5-gke.1443001 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.5-gke.1699000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.1681000
    • 1.27.16-gke.1742000
    • 1.27.16-gke.2019000
    • 1.28.14-gke.1340000
    • 1.28.14-gke.1376000
    • 1.29.9-gke.1496000
    • 1.29.9-gke.1541000
    • 1.30.5-gke.1443001
    • 1.31.1-gke.1846000
    • 1.31.1-gke.2008000
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.1784000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.15-gke.1020000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.10-gke.1054000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.5-gke.1699000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.1-gke.2105000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

December 02, 2024

Feature

In GKE version 1.31.1-gke.2105000 or later, you can now configure custom compute classes to consume Compute Engine reservations. Workloads that use those custom compute classes automatically trigger reservation consumption during node creation. This lets you manage reservation consumption more centrally. To learn more, seeAbout custom compute classes.

November 27, 2024

Change

(2024-R46) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

There are no new releases in the Regular channel.

Stable channel

There are no new releases in the Stable channel.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Feature

Cloud TPU Trillium (v6e) machine types are now in public preview for Autopilot clusters running version 1.31.2-gke.1384000 or later. These TPUs are available in the following zones:us-east5-b,europe-west4-a,us-east1-d,asia-northeast1-b, andus-south1-a. To learn more, seePlan TPUs in GKE.

November 26, 2024

Feature

Cluster autoscaler and node auto-provisioning support the C4 machine family in GKE version 1.28.15-gke.1159000, 1.29.10-gke.1227000 or later.

November 21, 2024

Change

If your GKE cluster was created before version 1.26, you can nowmigrate it to cgroupv2. This migration enables the use ofPod bursting in Autopilot mode.

November 20, 2024

Feature

You can now specify a custom resource policy as a compact placement policy with node auto-provisioning in clusters running GKE version 1.31.1-gke.2010000 or later. To learn more, seeUse compact placement for node auto-provisioning.

November 19, 2024

Change

(2024-R45) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

There are no new releases in the Regular channel.

Stable channel

There are no new releases in the Stable channel.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Feature

GKE version 1.31 introduces increased scalability, allowing users to create clusters with up to 65,000 nodes. For clusters exceeding 5,000 nodes, a quota increase is required. Contact Google Cloud support to request this increase.

November 18, 2024

Feature

Performance horizontal Pod autoscaling (HPA) profile is now available in Preview for new and existing GKE clusters running version 1.31.2-gke.1138000 or later. This feature speeds up HPA reaction time and enables quick recalculation of up to 1,000 HPA objects. To learn more, seeConfiguring Performance HPA profile.

November 13, 2024

Change

(2024-R44) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.1-gke.2105000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.28.14-gke.1376000
    • 1.29.9-gke.1541000
    • 1.30.5-gke.1628000
    • 1.31.1-gke.1846000
    • 1.31.2-gke.1115000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.15-gke.1020000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.10-gke.1054000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.5-gke.1699000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.1-gke.2105000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.15-gke.1020000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.10-gke.1054000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.5-gke.1699000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.1-gke.2105000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

November 11, 2024

Change

Clusters now have unified and flexible configuration, allowing you to modify control plane access and cluster node settings at any time, without the need to recreate the cluster. This eliminates the previous distinction between private and public clusters. All clusters support this flexibility and utilize DNS-based endpoints for secure and direct control plane access from any network, removing the need for bastion hosts or proxies. You can still enhance security with measures like VPC Service Controls.

To learn more, seeAbout network isolation in GKE.

Feature

DNS-based access for GKE clusters control plane is now generally available. This capability provides each cluster with a unique domain name system (DNS) name or fully-qualified domain name (FQDN). Access to clusters is controlled through IAM policies, eliminating the need for bastion hosts or proxy nodes. Authorized users can connect to the control plane from different cloud networks, on-prem deployments, or from remote locations, without relying on proxies.

To learn more, seeAbout network isolation in GKE.

November 08, 2024

Fixed

The machine family of N1 custom machine types (likecustom-1-1024) is now accurately labeled as "N1" for all node versions later than 1.31.2-gke.1115000.

November 07, 2024

Feature

GKE clusters running version 1.28 or later now support automatic application monitoring in public preview. Enabling this feature automatically deploysPodMonitoring configurations to capture key metrics for supported workloads like Apache Airflow, Istio, and RabbitMQ. These metrics are integrated with Cloud Monitoring dashboards for observability. To learn more, seeConfigure automatic application monitoring for workloads.

November 06, 2024

Change

(2024-R43) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.28.14-gke.1340000
    • 1.28.15-gke.1015000
    • 1.29.9-gke.1496000
    • 1.29.10-gke.1043000
    • 1.30.5-gke.1443001
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.14-gke.1376000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.9-gke.1541000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.5-gke.1628000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.14-gke.1376000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.9-gke.1541000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.5-gke.1628000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.5-gke.1443001 is now the default version for cluster creation in the Regular channel.
  • The following versions are no longer available in the Regular channel:
    • 1.28.14-gke.1217000
    • 1.29.9-gke.1341000
    • 1.30.5-gke.1355000
    • 1.31.1-gke.1678000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.14-gke.1340000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.9-gke.1496000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.5-gke.1443001 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.14-gke.1340000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.9-gke.1496000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.5-gke.1443001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.31 to version1.31.1-gke.1846000 with this release.

Stable channel

There are no new releases in the Stable channel.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.5-gke.1443001 is now the default version for cluster creation in the Extended channel.
  • The following versions are no longer available in the Extended channel:
    • 1.28.14-gke.1217000
    • 1.29.9-gke.1341000
    • 1.30.5-gke.1355000
    • 1.31.1-gke.1678000
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.14-gke.1340000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.9-gke.1496000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.5-gke.1443001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.31 to version1.31.1-gke.1846000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Feature

The GKE Volume Populator is generally available on GKE clusters running version 1.31.1-gke.1729000 or later. This feature provides a way to automate data transfer from a Google Cloud Storage bucket source storage to a destination PersistentVolumeClaim backed by a Parallelstore instance. To learn more, seeTransfer data from Cloud Storage during dynamic provisioning using GKE Volume Populator.

November 05, 2024

Feature

Generally available: In GKE version 1.26 and later, Hyperdisk Balanced volumes can be created in Confidential mode forcustom boot disks andpersistent volumes and attached toConfidential GKE Nodes.

Feature

Cloud TPU v6e machine types are now in public preview for GKE clusters running version 1.30.4-gke.1167000 or later. These TPU VMs (ct6e-standard) are available in the following zones:us-east5-b,europe-west4-a,us-east1-d,asia-northeast1-b, andus-south1-a. To learn more, seePlan TPUs in GKE.

October 31, 2024

Fixed

Clusters that are experiencing stale endpoint resources and stale kube-dns entries are likely affected byKubernetes issue #126578. Your cluster is most likely affected if endpoint resources consistently have incorrect Pod IPs. This issue has been fixed in the following GKE versions or later:

  • 1.28.14-gke.1115000
  • 1.29.9-gke.1207000
  • 1.30.5-gke.1171000
  • 1.31.1-gke.1414000
Feature

For GKE clusters running version 1.31.1-gke.1146000 or later, Cloud Tensor Processing Unit (TPU) v3 machine types are generally available. These TPU VMs (ct3-hightpu-4t andct3p-hightpu-4t) are currently available in us-east1-d, europe-west4-a, us-central1-a, us-central1-b, and us-central1-f. To learn more, seeTPUs in GKE.

Feature

GKE control plane authority is now generally available with version 1.31.1-gke.1846000 or later. GKE control plane authority provides enhanced visibility, security controls, and customization of the GKE control plane. For more information, see theAbout GKE control plane authority.

October 30, 2024

Change

(2024-R42) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.1-gke.1846000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.28.14-gke.1217000
    • 1.29.9-gke.1341000
    • 1.30.5-gke.1355000
    • 1.31.1-gke.1678000
    • 1.31.1-gke.2008000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.14-gke.1340000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.9-gke.1496000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.5-gke.1443001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.1-gke.1846000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.14-gke.1340000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.9-gke.1496000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.5-gke.1443001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.1-gke.1846000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.5-gke.1355000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.28.14-gke.1099000
    • 1.29.9-gke.1177000
    • 1.30.5-gke.1014001
    • 1.30.5-gke.1014003
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.14-gke.1217000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.9-gke.1341000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.5-gke.1355000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.14-gke.1217000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.9-gke.1341000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.5-gke.1355000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.5-gke.1014003 is now the default version for cluster creation in the Stable channel.
  • The following versions are no longer available in the Stable channel:
    • 1.28.14-gke.1004000
    • 1.29.8-gke.1278000
    • 1.30.5-gke.1014001
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.28.14-gke.1099000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.9-gke.1177000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.5-gke.1014003 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.14-gke.1099000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.9-gke.1177000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.5-gke.1014003 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.5-gke.1355000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.1712000
    • 1.28.14-gke.1099000
    • 1.29.9-gke.1177000
    • 1.30.5-gke.1014001
    • 1.30.5-gke.1014003
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.14-gke.1217000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.9-gke.1341000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.5-gke.1355000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Feature

Weighted load balancing for GKE External LoadBalancer Services is now available in Preview. Weighted load balancing is a more efficient way to distribute traffic to nodes based on the number of serving Pods they have backing the Service. To learn more, seeAbout LoadBalancer Services.

October 29, 2024

Change

Instance Group Managers for node pools created with version 1.30.5-gke.1523000 or later and 1.31.1-gke.1869000 or later will now haveupdate on repair enabled by default. This will allow labels to persist upon Spot VM preemption.

Feature

Three new metrics are added for measuring node and workload startup latency:

  • kubernetes.io/node/latencies/startup: The total startup latency of a node, from the GCE instance'sCreationTimestamp toKubernetes Node Ready for the first time.

  • kubernetes.io/pod/latencies/pod_first_ready: The Pod end-to-end startup latency (from PodCreated toReady), including image pulls. This metric is available for clusters with GKE version 1.31.1-gke.1678000 or later.

  • kubernetes.io/autoscaler/latencies/per_hpa_recommendation_scale_latency_seconds: Horizontal Pod Autoscaling (HPA) scaling recommendation latency (the time between metrics being created and the corresponding scaling recommendation being applied to the API server) for the HPA target. This metric is available for clusters running the following versions or later:

    • 1.30.4-gke.1348001
    • 1.31.0-gke.1324000

October 28, 2024

Feature

The A3 Edge (a3-edgegpu-8g) machine type with H100 80GB GPUs attached is now available on GKE Standard clusters. To learn more, seeAbout GPUs.

October 25, 2024

Change

(2024-R41) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.1-gke.1678000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.28.14-gke.1099000
    • 1.29.9-gke.1177000
    • 1.30.5-gke.1145000
    • 1.31.1-gke.1146000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.14-gke.1217000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.9-gke.1341000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.5-gke.1355000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.1-gke.1678000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.14-gke.1217000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.9-gke.1341000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.5-gke.1355000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.1-gke.1678000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.5-gke.1014001 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.28.13-gke.1119000
    • 1.29.8-gke.1211000
    • 1.30.4-gke.1348001
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.28.14-gke.1004000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.8-gke.1278000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.5-gke.1014001 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.14-gke.1004000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.8-gke.1278000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.5-gke.1014001 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

October 17, 2024

Change

(2024-R40) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.30.4-gke.1348001 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.28.13-gke.1049000
    • 1.29.8-gke.1096000
    • 1.30.3-gke.1969002
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.28.13-gke.1119000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.8-gke.1211000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.4-gke.1348001 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.13-gke.1119000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.8-gke.1211000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.4-gke.1348001 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.27.16-gke.1681000 is now available in the Extended channel.
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.1576000
    • 1.28.14-gke.1004000
    • 1.29.8-gke.1278000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.14-gke.1099000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.9-gke.1177000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
Feature

In GKE clusters with the control plane running version 1.29.1-gke.1425000 or later, TPU slice nodes supportSIGTERM signals that alert the node of an imminent shutdown. The imminent shutdown notification is configurable up to five minutes in TPU nodes. To configure GKE to terminate your workloads gracefully within this notification timeframe, seeManage GKE node disruption for GPUs and TPUs.

Feature

You can now use NVIDIA H100 80GB GPUs on GKE in the following smaller machine types:

  • a3-highgpu-1g (1 GPU)
  • a3-highgpu-2g (2 GPUs)
  • a3-highgpu-4g (4 GPUs)

These machine types are available throughDynamic Workload Scheduler Flex Start mode,Spot VMs in GKE Standard mode clusters, orSpot Pods in GKE Autopilot mode clusters. You can only provision these machine types if there's available capacity in your region.

GKE continues to support the 8 GPU H100 80GB machine types:a3-highgpu-8g anda3-megagpu-8g.

Feature

The new release of theGKE Gateway controller (2024-R2) is now generally available. With this release, the GKE Gateway controller provides the following new capabilities:

Conformance:

To learn more about our GKE Gateway controller capabilities, see thesupported capabilities per GatewayClass.

October 16, 2024

Change

In GKE version 1.31.1-gke.1621000 and later, thekube_pod_resource_request metric and thekube_pod_resource_limit metric are exported as part of the thescheduler metrics package.

October 15, 2024

Change

For newly-created VPC Peering-based clusters running version 1.27 or later, traffic from thekube-apiserver to nodes routes throughthe Konnectivity service. For existing VPC Peering-based clusters, GKE gradually migrates your cluster to use the Konnectivity service.

Fixed

On GKE Autopilot clusters running version 1.30 and later, partner workloads that set AppArmor profiles might unexpectedly be rejected at admission. This might include installations of Prisma Defender, Wiz Runtime Sensor, Sentinel One Agent, Checkpoint CloudGuard, Aqua Security Enforcer and Splunk OTEL Collector.

The following GKE versions contain a fix for this issue:

  • 1.30.5-gke.1355000 and later
  • 1.31.1-gke.1621000 and later

Clusters in any release channel can be created on or upgraded to these versions. For details, seeManually upgrading the control plane.

Feature

You can now create workloads with multiple network interfaces in GKE Autopilot clusters running version 1.29.5-gke.1091000 and later or version 1.30.1-gke.1280000 and later. For more information, seeSetup multi-network support for Pods.

October 11, 2024

Change

(2024-R39) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.31.1-gke.1146000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.27.16-gke.1373000
    • 1.27.16-gke.1478000
    • 1.29.8-gke.1278000
    • 1.30.5-gke.1014000
    • 1.31.1-gke.1000000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.9-gke.1177000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.5-gke.1145000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.1-gke.1146000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.9-gke.1177000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.5-gke.1145000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.1-gke.1146000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.30.5-gke.1014001 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.27.16-gke.1342000
    • 1.27.16-gke.1373000
    • 1.28.13-gke.1119000
    • 1.29.8-gke.1211000
    • 1.30.4-gke.1348000
    • 1.30.4-gke.1348001
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.14-gke.1004000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.8-gke.1278000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.5-gke.1014001 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.14-gke.1004000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.8-gke.1278000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.5-gke.1014001 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.30.3-gke.1969002 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.27.16-gke.1148001
    • 1.27.16-gke.1258000
    • 1.27.16-gke.1287000
    • 1.28.13-gke.1024000
    • 1.29.8-gke.1057000
    • 1.30.3-gke.1969001
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.28.13-gke.1049000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.8-gke.1096000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.3-gke.1969002 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.13-gke.1049000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.8-gke.1096000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.3-gke.1969002 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.30.5-gke.1014001 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.28.13-gke.1119000
    • 1.29.8-gke.1211000
    • 1.30.4-gke.1348000
    • 1.30.4-gke.1348001
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.14-gke.1004000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.8-gke.1278000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.5-gke.1014001 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

October 04, 2024

Security

CVE-2024-45016 was discovered in the Linux kernel, which can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes.

For more details, see theGCP-2024-057 security bulletin.

Feature

The following beta APIs were added in Kubernetes 1.31 and are available in GKE version 1.31.1-gke.1361000 and later:

  • networking.k8s.io/v1beta1/ipaddresses
  • networking.k8s.io/v1beta1/servicecidrs

Enabling both APIs at the same time enables the Multiple Service CIDRs Kubernetes feature in a GKE cluster. For more information, see the following resources:

During the beta phase, you can only create Service CIDRs in the34.118.224.0/20 reserved IP address range to avoid possible issues with overlapping IP address ranges.

Feature

Ray Operator on GKE is now generally available on 1.29 and later. Ray Operator is a GKE add-on that lets you manage and scaleRay applications. To learn more, see theRay Operator documentation.

October 03, 2024

Change

(2024-R38) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.1-gke.1000000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are no longer available in the Rapid channel:
    • 1.27.16-gke.1342000
    • 1.28.13-gke.1119000
    • 1.28.14-gke.1004000
    • 1.29.8-gke.1211000
    • 1.30.4-gke.1348000
    • 1.31.0-gke.1577000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.27.16-gke.1373000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.14-gke.1099000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.8-gke.1278000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.5-gke.1014000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.1-gke.1000000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.16-gke.1373000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.14-gke.1099000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.8-gke.1278000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.5-gke.1014000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.1-gke.1000000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.4-gke.1348000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.27.16-gke.1287000
    • 1.28.13-gke.1049000
    • 1.29.8-gke.1096000
    • 1.30.3-gke.1969001
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.27.16-gke.1342000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.13-gke.1119000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.8-gke.1211000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.4-gke.1348000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.16-gke.1342000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.13-gke.1119000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.8-gke.1211000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.4-gke.1348000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.4-gke.1348000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.1287000
    • 1.28.13-gke.1049000
    • 1.29.8-gke.1096000
    • 1.30.3-gke.1969001
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.1342000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.13-gke.1119000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.8-gke.1211000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.4-gke.1348000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.4-gke.1348000 is now the default version for cluster creation.
  • The following versions are now available:
  • The following node versions are now available:
  • The following versions are no longer available:
    • 1.28.13-gke.1006000
    • 1.29.8-gke.1031000
    • 1.30.3-gke.1639000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version1.27.16-gke.1342000 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version1.28.13-gke.1119000 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version1.29.8-gke.1211000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version1.27.16-gke.1342000 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version1.28.13-gke.1119000 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version1.29.8-gke.1211000 with this release.

October 01, 2024

Feature

In GKE version 1.30.3-gke.1639000 and later and 1.31.0-gke.1058000 and later, GKE can handle GPU and TPU node disruptions by notifying you in advance of a shutdown and by gracefully terminating your workloads. This feature is generally available. For details, seeManage GKE node disruption for GPUs and TPUs.

Feature

GKE now supports the Parallelstore CSI driver in allowlisted general availability (GA), which means that you can reach out to your Google support team to use the service underGA terms.

Parallelstore accelerates AI/ML training and excels at saturating individual compute clients, ensuring that expensive compute resources are efficiently used. The product demonstrated a 3.9x training time improvement and 3.7x better throughput improvement compared to native ML framework data loaders and saturates single clients NIC bandwidth at 90%+.

For details, seeAbout the GKE Parallelstore CSI driver.

September 26, 2024

Change

(2024-R37) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.31.0-gke.1577000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.27.16-gke.1287000
    • 1.28.13-gke.1049000
    • 1.29.8-gke.1096000
    • 1.30.3-gke.1969001
    • 1.30.4-gke.1476000
    • 1.31.0-gke.1506000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.27.16-gke.1342000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.13-gke.1119000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.8-gke.1211000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.4-gke.1348000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.31.0-gke.1577000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.16-gke.1342000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.13-gke.1119000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.8-gke.1211000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.4-gke.1348000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.0-gke.1577000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.27.16-gke.1148001
    • 1.27.16-gke.1258000
    • 1.28.13-gke.1006000
    • 1.28.13-gke.1024000
    • 1.29.8-gke.1031000
    • 1.29.8-gke.1057000
    • 1.30.3-gke.1639000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.27.16-gke.1287000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.13-gke.1049000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.8-gke.1096000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.16-gke.1287000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.13-gke.1049000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.8-gke.1096000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.30.3-gke.1969001 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.27.16-gke.1051001
    • 1.28.12-gke.1052000
    • 1.28.12-gke.1179000
    • 1.29.7-gke.1104000
    • 1.29.7-gke.1274000
    • 1.30.2-gke.1587003
    • 1.30.3-gke.1639000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.27.16-gke.1148001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.28.13-gke.1006000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.8-gke.1031000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.30.3-gke.1969001 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.16-gke.1148001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.13-gke.1006000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.8-gke.1031000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.3-gke.1969001 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

September 24, 2024

Fixed

GKE clusters usingthe Network Policy feature and Pods specifying ahostPort might have experienced networking connectivity issues after control plane upgrades. As a precaution, GKE disabled auto-upgrades for potentially impacted clusters.

The following GKE versions contain a fix for this issue and are safe to manually upgrade to:

  • 1.27.16-gke.1342000 or later
  • 1.28.13-gke.1078000 or later
  • 1.29.8-gke.1157000 or later
  • 1.30.4-gke.1282000 or later
  • 1.31 or later

GKE control plane upgrades are now resumed and clusters will be auto-upgraded when the patch version becomes an auto-upgrade target for your clusters, honoring maintenance windows and exclusions.

September 23, 2024

Security

A security issue was discovered in Kubernetes clusters with Windows nodes whereBUILTIN\Users may be able to read container logs andAUTHORITY\Authenticated Users may be able to modify container logs. For more information, see theGCP-2024-054 security bulletin.

September 19, 2024

Change

(2024-R36) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.30.3-gke.1969001 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.30.3-gke.1969001 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.3-gke.1969001 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.30.3-gke.1969001 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • Version 1.30.3-gke.1639000 is no longer available in the Extended channel.
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.3-gke.1969001 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

September 11, 2024

Change

(2024-R35) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.0-gke.1506000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.27.16-gke.1234000
    • 1.27.16-gke.1234001
    • 1.27.16-gke.1258000
    • 1.28.13-gke.1024000
    • 1.28.13-gke.1042000
    • 1.29.8-gke.1031000
    • 1.29.8-gke.1057000
    • 1.30.4-gke.1129000
    • 1.30.4-gke.1213000
    • 1.31.0-gke.1058000
    • 1.31.0-gke.1324000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.27.16-gke.1287000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.13-gke.1049000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.8-gke.1096000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.16-gke.1287000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.13-gke.1049000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.8-gke.1096000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.31 to version1.31.0-gke.1506000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.27.16-gke.1148000
    • 1.28.12-gke.1179000
    • 1.29.7-gke.1274000
    • 1.30.3-gke.1969000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.27.16-gke.1148001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.13-gke.1006000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.8-gke.1031000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.16-gke.1148001 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.13-gke.1006000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.8-gke.1031000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.2-gke.1587003 is now the default version for cluster creation in the Stable channel.
  • The following versions are now available in the Stable channel:
  • Version 1.27.16-gke.1008000 is no longer available in the Stable channel.
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.27.16-gke.1051001 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.16-gke.1051001 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Feature

For GPU node pools created in GKE Standard clusters running version 1.30.1-gke.115600 or later, GKE automatically installs thedefault NVIDIA GPU driver version corresponding to the GKE version if you don't specify thegpu-driver-version flag.

September 10, 2024

Fixed

We previously identified a potential issue that could cause downtime for traffic directed to your GKE-managed internal passthrough Network Load Balancers after certain cluster operations, like node upgrades. This issue specifically affected clusters with GKE subsetting and Services configured withexternalTrafficPolicy=Cluster. See theAug 14, 2024 release note for details.

A fix for this issue is now available. We recommend upgrading your GKE cluster's control plane to the following patch versions or later:

  • 1.27.16-gke.1258000
  • 1.28.13-gke.1024000
  • 1.29.8-gke.1057000
  • 1.30.4-gke.1129000
  • 1.31.0-gke.1506000

September 06, 2024

Change

(2024-R34) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

There are no new releases in the Rapid channel.

Regular channel

There are no new releases in the Regular channel.

Stable channel

There are no new releases in the Stable channel.

Extended channel

There are no new releases in the Extended channel.

No channel

There are no updates for clusters not enrolled in a release channel.

Change

(2024-R33) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.31.0-gke.1058000 is now the default version for cluster creation in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.27.16-gke.1148000
    • 1.28.13-gke.1006000
    • 1.29.7-gke.1274000
    • 1.30.3-gke.1639000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.27.16-gke.1234000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.13-gke.1024000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.8-gke.1031000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.3-gke.1969000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.16-gke.1234000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.13-gke.1024000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.8-gke.1031000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.3-gke.1969000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.3-gke.1639000 is now the default version for cluster creation in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.27.16-gke.1051000
    • 1.27.16-gke.1082000
    • 1.28.12-gke.1052000
    • 1.29.7-gke.1104000
    • 1.30.3-gke.1225000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.27.16-gke.1148000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.12-gke.1179000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.7-gke.1274000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.16-gke.1148000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.12-gke.1179000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.7-gke.1274000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.3-gke.1639000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.7-gke.1104000 is now the default version for cluster creation in the Stable channel.
  • Version1.27.16-gke.1051001 is now available in the Stable channel.
  • The following versions are no longer available in the Stable channel:
    • 1.27.15-gke.1252000
    • 1.28.11-gke.1260000
    • 1.29.6-gke.1326000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.27.16-gke.1008000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.28.12-gke.1052000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.7-gke.1104000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.16-gke.1008000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.12-gke.1052000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.7-gke.1104000 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.3-gke.1639000 is now the default version for cluster creation in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.1051000
    • 1.27.16-gke.1082000
    • 1.28.12-gke.1052000
    • 1.29.7-gke.1104000
    • 1.30.3-gke.1225000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.1148000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.12-gke.1179000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.7-gke.1274000 with this release.
    • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.3-gke.1639000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.3-gke.1639000 is now the default version for cluster creation.
  • The following control plane and node versions are now available:
  • The following versions are no longer available:
    • 1.27.15-gke.1252000
    • 1.27.16-gke.1051000
    • 1.27.16-gke.1082000
    • 1.28.11-gke.1260000
    • 1.29.6-gke.1254000
    • 1.29.7-gke.1008000
    • 1.30.3-gke.1225000
  • Auto-upgrade targets are now available for the following minor versions:
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version1.27.16-gke.1148000 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version1.28.12-gke.1179000 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version1.29.7-gke.1104000 with this release.
  • The following patch-only version auto-upgrade targets are now available for clusters withmaintenance exclusions or other factors preventing minor version upgrades:
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version1.27.16-gke.1148000 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version1.28.12-gke.1179000 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version1.29.7-gke.1104000 with this release.
    • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.30 to version1.30.3-gke.1639000 with this release.

September 04, 2024

Change

For GKE versions 1.29 and later, thegke-metrics-agent Pod runs with theprometheus-metrics-collector container in addition to the existinggke-metrics-agent andcore-metrics-exporter containers. This change might result in an increase in theService time series ingestion requests per minute quota; however, there is no additional cost.

August 28, 2024

Change

(2024-R32) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.3-gke.1639000 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.27.16-gke.1082000
    • 1.28.12-gke.1090000
    • 1.28.12-gke.1179000
    • 1.29.7-gke.1174000
    • 1.30.3-gke.1225000
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.27.16-gke.1148000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.16-gke.1148000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.13-gke.1006000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.13-gke.1006000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.7-gke.1274000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.7-gke.1274000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.3-gke.1639000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.3-gke.1639000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

August 27, 2024

Feature

Starting from version 1.30.3-gke.1451000, new and upgraded GKE clusters support the GKE Metrics Server updates where the addon-resizer runs in the cluster's control plane instead of worker nodes.

August 26, 2024

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2024-36978

For more details, see theGCP-2024-049 security bulletin.

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2024-41009

For more details, see theGCP-2024-048 security bulletin.

August 21, 2024

Feature

GKE support forHyperdisk ML as an attached persistent disk option is now generally available. Support is available for both Autopilot and Standard clusters running GKE versions 1.30.2-gke.1394000 and later.

August 20, 2024

Change

(2024-R31) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.7-gke.1104000 is now the default version in the Regular channel.
  • The following versions are no longer available in the Regular channel:
    • 1.27.16-gke.1008000
    • 1.28.11-gke.1315000
    • 1.29.7-gke.1008000
    • 1.30.2-gke.1587003
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.27.16-gke.1051000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.16-gke.1051000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.12-gke.1052000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.12-gke.1052000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.7-gke.1104000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.7-gke.1104000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.3-gke.1225000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.6-gke.1326000 is now the default version in the Stable channel.
  • The following versions are no longer available in the Stable channel:
    • 1.27.15-gke.1154000
    • 1.28.11-gke.1172000
    • 1.29.6-gke.1254000
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.27.15-gke.1252000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.15-gke.1252000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.28.11-gke.1260000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.11-gke.1260000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.6-gke.1326000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.6-gke.1326000 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.7-gke.1104000 is now the default version in the Extended channel.
  • The following versions are no longer available in the Extended channel:
    • 1.27.16-gke.1008000
    • 1.28.11-gke.1315000
    • 1.29.7-gke.1008000
    • 1.30.2-gke.1587003
  • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.1051000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.12-gke.1052000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.7-gke.1104000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.3-gke.1225000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Feature

New features

The following features are new in Kubernetes 1.31:

Deprecated

Deprecated in-tree volume support

  • The Ceph CephFS (kubernetes.io/cephfs) and RBD (kubernetes.io/rbd) volume plugins aredeprecated since 1.28 and are removed in 1.31.

  • To determine if you have volumes/pods using RBD or Ceph volumes, run the following commands. If either of them print output, then you are using a deprecated volume type.

    • kubectl describe pv | egrep \-i 'Type: \*(RBD|CephFS)'
    • kubectl describe pod \-A | egrep \-i 'Type: \*(RBD|CephFS)'

  • Switch to use an RBD or CephFS CSI driver (like the CSI drivers provided athttps://github.com/ceph/ceph-csi/), or a Google Cloud-managed solution likeFilestore.

  • For more information, refer to theOSS Kubernetes announcement andhttps://github.com/ceph/ceph-csi/

Announcement

1.31 is now available in the Rapid channel

Kubernetes 1.31 is now available in the Rapid channel. For more information about the content of Kubernetes 1.31, read theKubernetes 1.31 Release Notes.

Deprecated

Deprecated APIs in 1.31

  • The following Beta versions of graduated APIs weredeprecated in 1.29 in favor of newer versions:
    • flowcontrol.apiserver.k8s.io/v1beta3 FlowSchema, PriorityLevelConfiguration
      • deprecated since 1.29, will no longer be served in 1.32
      • instead, useflowcontrol.apiserver.k8s.io/v1, available since 1.29
  • Thestatus.nodeInfo.kubeProxyVersion field in the Node API is deprecated and will not be populated starting in v1.33. The field is currently populated with the kubelet version, not the kube-proxy version, and might not accurately reflect the kube-proxy version in use. For more information, seeKEP-4004.
Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2024-39503

For more details, see theGCP-2024-047 security bulletin.

Feature

The C4 machine family is generally available in the following versions:

  • Standard clusters in version 1.29.2-gke.1521000 and later. To use this family in GKE Standard, you can use the--machine-type flag when creating a cluster or node pool.
  • Autopilot clusters in 1.30.3-gke.1225000 and later. To use this family in GKE Autopilot, you can use the Performance compute class when scheduling your workloads.
  • Cluster autoscaler and node auto-provisioning are supported in 1.30.3-gke.1225000 and later.

August 16, 2024

Change

In GKE version 1.29.7-gke.1238000-1.30, and 1.30.3-gke.1571000 or later, node pools use regional instance templates instead of global instance templates. To learn more, seeRegional and global instance templates.

August 14, 2024

Change

(2024-R30) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.3-gke.1225000 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.27.16-gke.1008000
    • 1.28.11-gke.1315000
    • 1.29.7-gke.1008000
    • 1.30.2-gke.1587003
    • 1.30.3-gke.1451000
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.27.16-gke.1051000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.16-gke.1051000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.12-gke.1052000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.12-gke.1052000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.7-gke.1104000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.7-gke.1104000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.3-gke.1225000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.3-gke.1225000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.7-gke.1008000 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.27.15-gke.1252000
    • 1.28.11-gke.1260000
    • 1.29.6-gke.1326000
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.27.16-gke.1008000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.16-gke.1008000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.11-gke.1315000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.11-gke.1315000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.7-gke.1008000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.7-gke.1008000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.6-gke.1254000 is now the default version in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.27.14-gke.1059002
    • 1.28.11-gke.1019001
    • 1.29.6-gke.1038001
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.27.15-gke.1154000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.15-gke.1154000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.28.11-gke.1172000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.11-gke.1172000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.29.6-gke.1254000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.6-gke.1254000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.30 to version1.30.2-gke.1587003 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.7-gke.1008000 is now the default version in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.15-gke.1252000
    • 1.28.11-gke.1260000
    • 1.29.6-gke.1326000
  • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.16-gke.1008000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.11-gke.1315000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.7-gke.1008000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Issue

We've identified a potential issue that may cause downtime for traffic coming to yourGKE managed Internal passthrough Network Load Balancers, after certain cluster operations like node upgrades. This issue specifically affects clusters withGKE Subsetting and Services withexternalTrafficPolicy=Cluster.

This issue is more likely to occur in clusters with more than 25 nodes. To prevent this issue altogether, we recommend updating your Service configuration to useexternalTrafficPolicy=Local. If you're already experiencing downtime, scale up the number of pods backing your LoadBalancer to provide immediate relief. A fix for this issue will be available in upcoming GKE releases.

August 13, 2024

Fixed

In GKE version 1.30 and later, there is aworkaround in the PDCSI driver for privileged workloads that access container namespaces with hostpath. The workaround delays NodeUnstage until attached filesystems are no longer in use. Under certain conditions, the privileged hostpath workloads may cause a container's mount namespace to be retained longer than the container's lifecycle. The workaround addresses an issue where the driver could proceed with detaching a GCE persistent disk even if the block device filesystem is still in use.

With this fix, the PDCSI driver will validate that an attached block device is no longer in use prior to unmounting it from a GKE node.

Feature

Custom compute classes are a new set of capabilities in GKE that provide an API for fine-grained control over fallback compute priorities, autoscaling configuration, obtainability and node consolidation. Custom compute classes offer enhanced flexibility and control over your GKE compute infrastructure so that you can ensure optimal resource allocation for your workloads. You can use custom compute classes in GKE version 1.30.3-gke.1451000 and later. To learn more, seeAbout custom compute classes.

August 12, 2024

Change

(2024-R29) Version updates

There are no GKE cluster version updates in 2024-R29. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

There are no new releases in the Rapid channel.

Regular channel

There are no new releases in the Regular channel.

Stable channel

There are no new releases in the Stable channel.

Extended channel

There are no new releases in the Extended channel.

No channel

There are no updates for clusters not enrolled in a release channel.

August 07, 2024

Change

(2024-R28) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.6-gke.1326000 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.27.15-gke.1154000
    • 1.28.11-gke.1172000
    • 1.29.6-gke.1254000
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.27.15-gke.1252000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.15-gke.1252000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.11-gke.1260000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.6-gke.1326000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.6-gke.1326000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.6-gke.1326000 is now the default version in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.15-gke.1154000
    • 1.28.11-gke.1172000
    • 1.29.6-gke.1254000
  • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.15-gke.1252000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.11-gke.1260000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.6-gke.1326000 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

August 06, 2024

Feature

You can now keep a GKE Standard cluster on a minor version for longer with the Extended release channel. Clusters running 1.27 or later can be enrolled in the Extended channel, and automatically receive security patches during the extended support period after the end of standard support. To learn more, seeGet long-term support with the Extended channel.

August 02, 2024

Feature

TheNVIDIA GPU Operator can now beused as an alternative to fully managed GKE for both Container-Optimized OS and Ubuntu node images. Choose thisoption to manage your GPU stack if you're looking for a consistent multi-cloud experience, already using the NVIDIA GPU Operator, or have software reliant on it.

August 01, 2024

Change

Autopilot nodes useGoogle Virtual NIC (gVNIC) for 1.30.2-gke.1023000 and later.

Feature

You can now enable NCCL Fast Socket on your multi-GPU Autopilot workloads.NCCL Fast Socket is a transport layer plugin designed to improve NVIDIA Collective Communication Library (NCCL) performance on Google Cloud. To enable NCCL Fast Socket on GKE Autopilot, you must use a GKE Autopilot cluster with control plane version 1.30.2-gke.1023000 or later. For more information, seeImprove workload efficiency using NCCL Fast Socket.

July 31, 2024

Fixed

GKE Autopilot versions 1.28.6-gke.1317000 and later fixes a known issue for ephemeral storage requests. If the combined ephemeral storage requests across all containers in your workload exceed 10 GiB, your workload will be rejected with an error message. This differs from earlier versions, which admitted the workload if it requested more than 10 GiB while only actually provisioning 10 GiB, which would result in workload eviction when the workload used more than 10 GiB.

To ensure uninterrupted operation with GKE Autopilot versions 1.28.6-gke.1317000 and later, do the following:

  • Verify that containers injected by webhooks don't cause Pods to exceed themaximum Autopilot resource limits.
  • Adjust workload resource requests to account for any containers that may be injected by webhooks.
  • If any Pods are rejected after updating, reduce their ephemeral storage requests to meet the limit for your workload configuration.

To learn more, seeAutomatic resource management in Autopilot.

Change

(2024-R27) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.2-gke.1587003 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.27.14-gke.1059002
    • 1.27.15-gke.1125000
    • 1.28.11-gke.1260000
    • 1.28.11-gke.1289000
    • 1.29.6-gke.1038001
    • 1.29.6-gke.1137000
    • 1.30.1-gke.1329003
    • 1.30.2-gke.1394003
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.27.15-gke.1252000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.15-gke.1252000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.11-gke.1315000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.6-gke.1326000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.30.2-gke.1587003 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.2-gke.1587003 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.6-gke.1254000 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.27.14-gke.1059002
    • 1.28.11-gke.1019001
    • 1.29.6-gke.1038001
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.27.15-gke.1154000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.15-gke.1154000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.11-gke.1172000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.6-gke.1254000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.6-gke.1254000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.30 to version1.30.2-gke.1587003 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.6-gke.1038001 is now the default version in the Stable channel.
  • The following versions are no longer available in the Stable channel:
    • 1.27.14-gke.1042001
    • 1.28.10-gke.1075001
    • 1.29.5-gke.1091002
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.27.14-gke.1059002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.14-gke.1059002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.28.11-gke.1019001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.11-gke.1019001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.6-gke.1038001 with this release.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.6-gke.1254000 is now the default version in the Extended channel.
  • The following versions are now available in the Extended channel:
  • The following versions are no longer available in the Extended channel:
    • 1.27.14-gke.1059002
    • 1.28.11-gke.1019001
    • 1.29.6-gke.1038001
  • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.27 to version1.27.15-gke.1154000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.28 to version1.28.11-gke.1172000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.29 to version1.29.6-gke.1254000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Extended channel will be upgraded from version 1.30 to version1.30.2-gke.1587003 with this release.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Feature

You can now keep a GKE Standard cluster on a minor version for longer with the Extended release channel. Clusters running 1.27 or later can be enrolled in the Extended channel, and automatically receive security patches during the extended support period after the end of standard support. To learn more, seeGet long-term support with the Extended channel.

July 26, 2024

Change

With GKE patch version 1.30.1-gke.115600 and later, if you don't specify thegpu-driver-version flag when creating new GPU node pools, then GKE automatically installs thedefault GPU driver version that corresponds to the GKE version. If you prefer tomanually install the GPU driver, setgpu-driver-version=disabled. To learn more, seeCreate a GPU node pool.

July 25, 2024

Change

In GKE version 1.30.2-gke.1100 and later, the_CMDLINE field is removed from kubelet log entries to reduce log volumes.

If you need to access_CMDLINE information, you have two options:

  1. SSH into the node:

    • SSH into the relevant node.
    • Run the following command:ps aux | grep kubelet.

  2. Search cloud logging:

    • Use the Cloud Logging interface or API.

    • Apply the following filter to search kubelet startup logs:

      resource.type="k8s_node"log_name="projects/{PROJECT_ID}/logs/kubelet"resource.labels.cluster_name="{CLUSTER_NAME}"SEARCH("`FLAG:`")

    Remember to replace{PROJECT_ID} and{CLUSTER_NAME} with the appropriate values for your environment.

July 24, 2024

Fixed

In GKE versions starting from 1.29.4-gke.1542000 and earlier than 1.29.7-gke.1008000, while Anthos Service Mesh is enabled, Pods that utilize Google Cloud Storage FUSE CSI driver volumes might encounter scheduling issues, with this error message:

Pod"your-pod-name"isinvalid:[spec.volumes[x].name:Duplicatevalue:"gke-gcsfuse-tmp",spec.initContainers[x].name:Duplicatevalue:"gke-gcsfuse-sidecar"]

This issue has been resolved in GKE version 1.29.7-gke.1008000.

July 23, 2024

Change

(2024-R26) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Extended channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

July 17, 2024

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2024-26925

For more details, see theGCP-2024-045 security bulletin.

Change

(2024-R25) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.5-gke.1091002 is now the default version in the Stable channel.
  • The following versions are no longer available in the Stable channel:
    • 1.27.13-gke.1201002
    • 1.28.9-gke.1289002
    • 1.28.10-gke.1058001
    • 1.29.4-gke.1043004
    • 1.29.5-gke.1091001
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.27.14-gke.1042001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.14-gke.1042001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.10-gke.1075001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.5-gke.1091002 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.6-gke.1038001 is now the default version in the Regular channel.
  • The following versions are no longer available in the Regular channel:
    • 1.27.14-gke.1042001
    • 1.27.14-gke.1059001
    • 1.28.10-gke.1075001
    • 1.29.5-gke.1091002
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.27.14-gke.1059002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.14-gke.1059002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.11-gke.1019001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.6-gke.1038001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.6-gke.1038001 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Fixed

GKE Autopilot now supports opportunistic bursting and lower Pod minimums upon cluster creation or upgrade to 1.30.2-gke.1394000 or later, resolving a previous issue with containerd.

July 16, 2024

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2024-26921

For more details, see theGCP-2024-043 security bulletin.

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2024-36972

For more details, see theGCP-2024-044 security bulletin.

Feature

Compute flexible committed use discounts (CUDs), previously known as Compute Engine Flexible CUDs, have beenexpanded to include several GKE Autopilot and Cloud Run SKUs (see theGKE CUD documentation for details). The legacy GKE Autopilot CUD will be removed from sale on October 15, 2024. GKE Autopilot CUDs purchased before this date will continue to apply through their term.

July 15, 2024

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2024-26809

For more details, see theGCP-2024-042 security bulletin.

July 10, 2024

Change

(2024-R24) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.28.9-gke.1289002 is now the default version in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.26.15-gke.1090000
    • 1.26.15-gke.1090004
    • 1.26.15-gke.1191000
    • 1.26.15-gke.1191001
    • 1.26.15-gke.1300000
    • 1.26.15-gke.1300001
    • 1.27.13-gke.1070000
    • 1.27.13-gke.1070002
    • 1.27.13-gke.1166000
    • 1.27.13-gke.1166001
    • 1.27.13-gke.1201000
    • 1.28.9-gke.1069000
    • 1.28.9-gke.1069002
    • 1.28.9-gke.1209000
    • 1.28.9-gke.1209001
    • 1.28.9-gke.1289000
    • 1.29.4-gke.1043002
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.27.13-gke.1201002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.13-gke.1201002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.9-gke.1289002 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.5-gke.1091002 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.26.15-gke.1320000
    • 1.26.15-gke.1320002
    • 1.26.15-gke.1381000
    • 1.26.15-gke.1381001
    • 1.26.15-gke.1390000
    • 1.26.15-gke.1390001
    • 1.27.13-gke.1201000
    • 1.27.13-gke.1201002
    • 1.27.14-gke.1022000
    • 1.27.14-gke.1022001
    • 1.27.14-gke.1042000
    • 1.28.9-gke.1289000
    • 1.28.9-gke.1289002
    • 1.28.10-gke.1058000
    • 1.28.10-gke.1058001
    • 1.28.10-gke.1075000
    • 1.29.4-gke.1043002
    • 1.29.4-gke.1043004
    • 1.29.5-gke.1060000
    • 1.29.5-gke.1060001
    • 1.29.5-gke.1091000
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.27.14-gke.1042001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.14-gke.1042001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.10-gke.1075001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.29.5-gke.1091002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.5-gke.1091002 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

July 09, 2024

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2023-52654
  • CVE-2023-52656

For more information, see theGCP-2024-041 security bulletin.

July 08, 2024

Change

(2024-R23) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.4-gke.1043004 is now the default version.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.25 to version1.26.15-gke.1320002 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version1.26.15-gke.1320002 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version1.27.13-gke.1070002 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version1.27.13-gke.1070002 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.28 to version1.28.9-gke.1289002 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.29 to version1.29.4-gke.1043004 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.27.13-gke.1070002 is now the default version in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.25 to version1.26.15-gke.1090004 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.26.15-gke.1090004 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.27.13-gke.1070002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.13-gke.1070002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.9-gke.1069002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.29 to version1.29.4-gke.1043004 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.4-gke.1043004 is now the default version in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.25 to version1.26.15-gke.1320002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.26.15-gke.1320002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.13-gke.1201002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.28.9-gke.1289002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.9-gke.1289002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.4-gke.1043004 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.1-gke.1329003 is now the default version in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.26.15-gke.1404002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.26.15-gke.1404002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.14-gke.1059002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.10-gke.1089002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.5-gke.1091002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.5-gke.1091002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.1-gke.1329003 with this release.
Feature

Ray Operator on GKE is now generally available in the Rapid channel. Ray Operator is a GKE add-on that allows you to manage and scaleRay applications. To learn more, see theRay Operator documentation.

July 03, 2024

Security

A remote code execution vulnerability,CVE-2024-6387, was recently discovered in OpenSSH. The vulnerability exploits a race condition that can be used to obtain access to a remote shell, enabling attackers to gain root access. This vulnerability has a Critical severity for GKE. An expedited rollout is in progress to make patch versions available.

For patch versions and mitigation steps, see theGCP-2024-040 security bulletin.

Change

(2024-R22) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Feature

GKE Managed DCGM Metrics Package is now available in Preview for both GKE Standard and Autopilot clusters running version 1.30.1-gke.1204000 and later.

You can now configure Autopilot and Standard clusters to export a predefined list of DCGM metrics emitted by GKE Managed DCGM exporter including metrics for GPU performance, utilization, and I/Os in the GPU node pools with GKE-managed NVIDIA drivers. These metrics are collected by Google Cloud Managed Service for Prometheus. You can view the curated DCGM metrics in the Observability Tab on the Kubernetes Clusters page or in Cloud Monitoring.

For more information, seeCollect and view DCGM metrics.

Feature

You can now preload data or container images in new nodes on GKE, enabling faster workload deployment and autoscaling. This feature is Generally Available and production-ready, with support for Autopilot and Terraform. To learn more, seeUse secondary boot disks to preload data or container images.

July 02, 2024

Issue

A faulty component in the Persistent Disk CSI (PDCSI) driver may cause mount failures for NVMe block devices on specific GKE clusters. This issue affects machine types that exclusively use the NVMe interface for attached Persistent Disks, such as third-generation machine types, T2A instances, and Confidential VMs. For more details, seeAbout persistent disks.

Impacted GKE versions include:

  • 1.30.2-gke.1023000
  • 1.27.15-gke.1012000
  • 1.27.14-gke.1100000

Mount failures will log errors indicating difficulties verifying and re-linking the GCE Persistent Disk. You will see log errors like this:

"Error when getting device path: rpc error: code = Internal desc = error verifying GCE PD ("$PVC") is attached: failed to find and re-link disk $PVC with udevadm after retrying for 3s: couldn't get serial number for disk $PVC at device path /dev/$NVME_PATH: google_nvme_id failed for device "/dev/$NVME_PATH" with output [**numbers**]: exit status 1"

This issue will be resolved in the next GKE releases. In the meantime, if you are experiencing mount failures, upgrade your cluster to the default version 1.30.1-gke.1329000 for the 1.30 release channel or 1.27.14-gke.1059000 for the 1.27 release channel.

June 28, 2024

Change

Resource requests foranetd Pods have been increased from 200mil CPU and 110m memory to 205mil CPU and 230m memory. In some cases, if the CPU and memory budgets on the nodes are limited, GKE might evict workloads to facilitateanetd during control plane upgrades. This can occur if your clusters are being upgraded from earlier versions to one of the following versions:

  • 1.28.5-gke.1217000 and later
  • 1.29 and later
  • 1.30 and later
Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2024-26923

For more information, see theGCP-2024-039 security bulletin.

June 27, 2024

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2024-26924

For more information, see theGCP-2024-038 security bulletin.

June 26, 2024

Change

(2024-R21) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.27.13-gke.1070000 is now the default version in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.27.11-gke.1062004
    • 1.28.9-gke.1000000
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.27.13-gke.1070000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.13-gke.1070000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.9-gke.1069000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.1-gke.1329000 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.26.15-gke.1390000
    • 1.26.15-gke.1436000
    • 1.27.14-gke.1042000
    • 1.27.14-gke.1093000
    • 1.28.10-gke.1075000
    • 1.28.10-gke.1141000
    • 1.29.5-gke.1121000
    • 1.29.5-gke.1192000
    • 1.30.1-gke.1156000
    • 1.30.1-gke.1500000
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.26.15-gke.1404000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.26.15-gke.1404000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.14-gke.1059000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.10-gke.1089000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.1-gke.1329000 with this release.

June 18, 2024

Change

(2024-R20) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS nodes:

  • CVE-2024-26584

For more information, see theGCP-2024-036 security bulletin.

June 14, 2024

Fixed

For GKE clusters running versions later than 1.28.10-gke.1141000, the NEG, Ingress, L4 internal load balancer, and L4 RBS controllers skip processing nodes that are missing thethetopology.kubernetes.io/zone label until the zone information is ready. The load balancer controllers no longer block sync operations when a node is introduced without the label.

June 12, 2024

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2024-26584

For more information, see theGCP-2024-035 security bulletin.

Change

(2024-R19) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.30.1-gke.1156000 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.26.15-gke.1320000
    • 1.27.13-gke.1201000
    • 1.28.9-gke.1289000
    • 1.29.4-gke.1670000
    • 1.30.0-gke.1167000
    • 1.30.1-gke.1261000
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.26.15-gke.1381000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.26.15-gke.1381000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.14-gke.1022000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.10-gke.1058000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.5-gke.1060000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.5-gke.1060000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.1-gke.1156000 with this release.

June 11, 2024

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS nodes:

  • CVE-2024-26583

For more information, see theGCP-2024-034 security bulletin.

June 10, 2024

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS nodes:

  • CVE-2022-23222

For more information, see theGCP-2024-033 security bulletin.

June 07, 2024

Change

Updated2024-R13 release notes to indicate that control planes and nodes with auto-upgrade enabled in the Regular channel werenot upgraded from version 1.28 to version 1.29.1-gke.1589018. That release note was published by mistake.

Feature

Fully managed cAdvisor/Kubelet metrics are now available on GKE clusters running version 1.29.3-gke.1093000 or later.

June 06, 2024

Change

(2024-R18) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.27.11-gke.1062004 is now the default version in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.27.11-gke.1062003
    • 1.27.12-gke.1115000
    • 1.28.8-gke.1095000
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.27.11-gke.1062004 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.11-gke.1062004 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.4-gke.1043002 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.26.15-gke.1300000
    • 1.27.13-gke.1000000
    • 1.29.1-gke.1589020
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.27.13-gke.1070000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.13-gke.1070000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.4-gke.1043002 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

June 05, 2024

Change

Updated2024-R03 release notes to indicate that control planes and nodes with auto-upgrade enabled in the Stable channel were upgraded from version 1.27 to version 1.27.7-gke.1121002, not 1.28.3-gke.1203001 as previously stated.

May 28, 2024

Change

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.28.9-gke.1000000 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.26.15-gke.1243000
    • 1.27.12-gke.1115000
    • 1.28.8-gke.1095000
    • 1.28.9-gke.1069000
    • 1.29.4-gke.1043001
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.27.13-gke.1000000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.13-gke.1000000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.9-gke.1000000 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

May 27, 2024

Security

A new vulnerability (CVE-2024-4323) has been discovered in Fluent Bit that could result in remote code execution. Fluent Bit versions 2.0.7 through 3.0.3 are affected.

GKE doesn't use a vulnerable version of Fluent Bit and isunaffected.

For more information, see theGCP-2024-031 security bulletin.

May 24, 2024

Feature

GKE now provides insights and recommendations to create a backup plan for unprotected clusters that have existed for more than 7 days. These insights and recommendations are currently available inus-central1-a. SeeBackup for GKE andprotect clusters with Backup for GKE documents for details.

May 22, 2024

Change

The GKE Container Security API is now enabled automatically when GKE Enterprise is enabled on a project. This change ensures the security and compliance features are ready for use as part of GKE Enterprise activation.

Feature

The C4 machine family is available in Public Preview for Standard clusters running GKE version 1.29.2-gke.1521000 and later. You can select this family by using the--machine-type flag when creating a cluster or node pool. The following limitations apply:

  • GKE versions prior to 1.29.2-gke.1521000 might encounter a volume device path mounting error which can cause Pods to be stuck in a Pending state. If you encounter this issue, try deleting and re-creating the Pod, to trigger re-processing of the volume mount.
  • Confidential GKE nodes are not supported in Public Preview.
  • Local SSD is not supported.
  • Nested virtualization is not supported in Public Preview.

May 21, 2024

Change

(2024-R16) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.27.11-gke.1062004 is now available in the Stable channel.
  • Version 1.28.7-gke.1026000 is no longer available in the Stable channel.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

May 17, 2024

Change

(2024-R14) Version updates

There are no version updates for 2024-R14.

(2024-R15) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.27.11-gke.1062003 is now the default version in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.26.8-gke.200
    • 1.26.14-gke.1044000
    • 1.27.11-gke.1062001
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.25 to version1.26.14-gke.1044001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.27.11-gke.1062003 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.11-gke.1062003 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.7-gke.1026001 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.28.8-gke.1095000 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.26.8-gke.200
    • 1.27.11-gke.1062001
    • 1.27.11-gke.1062003
    • 1.28.7-gke.1026001
    • 1.29.1-gke.1589018
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.27.12-gke.1115000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.12-gke.1115000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.8-gke.1095000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.29 to version1.29.1-gke.1589020 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

May 15, 2024

Security

A vulnerability (CVE-2023-52620) was discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes.

For more information, see theGCP-2024-030 security bulletin.

Change

Added a release note toMay 16, 2023 for 1.27 available in the Rapid channel. This release note was previously only added to the Release notes (Rapid channel only) page by mistake.

May 14, 2024

Security

A vulnerability (CVE-2024-26642) was discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes.

For more information, see theGCP-2024-029 security bulletin.

May 13, 2024

Security

A vulnerability (CVE-2024-26581) was discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes.

For more information, see theGCP-2024-028 security bulletin.

May 10, 2024

Issue

Container Threat Detection (KTD) fails to deploy on Autopilot clusters running the following GKE versions:

  • 1.28.6-gke.1095000 to 1.28.7-gke.1025000
  • 1.29.1-gke.1016000 to 1.29.1-gke.1781000

To mitigate this issue, upgrade the cluster to version 1.28.7-gke.1026000 or later, or to 1.29.2-gke.1060000 or later.

Feature

In new Standard clusters running GKE version 1.29 and later, GKE assigns IP addresses for GKE Services from a Google-managed range:34.118.224.0/20 by default. With this feature, you don't need to specify your own IP address range for Services. For more information, seeSubnet secondary IP address range for Services.

May 09, 2024

Security

A vulnerability (CVE-2024-26808) was discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes.

For more information, see theGCP-2024-027 security bulletin.

May 08, 2024

Change

(2024-R13) Version updates

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.3-gke.1282001 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.26.15-gke.1158000
    • 1.26.15-gke.1243000
    • 1.27.12-gke.1190000
    • 1.27.13-gke.1070000
    • 1.28.8-gke.1175000
    • 1.28.9-gke.1069000
    • 1.29.3-gke.1093006
    • 1.29.3-gke.1282000
    • 1.29.4-gke.1165000
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.3-gke.1282001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.3-gke.1282001 with this release.
Security

A vulnerability (CVE-2024-26643) was discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes.

For more information, see theGCP-2024-026 security bulletin.

Change

The 2024-R13 release notes were updated on June 7th, 2024 with the following:

Regular channel

Control planes and nodes with auto-upgrade enabled in the Regular channel werenot upgraded from version 1.28 to version 1.29.1-gke.1589018. That release note was published by mistake

May 02, 2024

Feature

The new release of theGKE Gateway controller (2024-R1) is nowgenerally available. With this release, the GKE Gateway controller will provide the following new capabilities and fixes:

New capabilities:

  • Gateway API CRDs v1.0.0
  • Cloud Armor backend security policy support for Regional external Gateways
  • Self-managed certificates with Certificate Manager on Regional internal & external Gateways
  • Google-managed certificates with Certificate Manager on Regional internal & external Gateways [Preview]

Bug fixes:

  • Fixed missing permissions to MCI service agent role for regional SSL policy

To learn more about our GKE Gateway controller capabilities, see thesupported capabilities per GatewayClass.

Feature

Starting in GKE 1.30, the metricscheduler_pod_scheduling_duration_seconds incontrol plane metrics package will no longer be available, as a result ofdeprecation in the upstream OSS. The replacement metricscheduler_pod_scheduling_sli_duration_seconds will be exported as part of the the control plane metrics package instead.

May 01, 2024

Change

(2024-R12) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.27.11-gke.1062001 is now the default version in the Stable channel.
  • Version1.27.11-gke.1062001 is now available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.25 to version1.26.14-gke.1044000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.27.11-gke.1062001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.11-gke.1062001 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.27.11-gke.1062001 is now available in the Regular channel.
  • Version 1.27.11-gke.1062000 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.25 to version1.26.15-gke.1090000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.27.11-gke.1062001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.11-gke.1062001 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.29.3-gke.1282000 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • Version 1.29.3-gke.1093000 is no longer available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.26.15-gke.1191000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.27.13-gke.1000000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.9-gke.1000000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.3-gke.1282000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.3-gke.1282000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.30 to version1.30.0-gke.1167000 with this release.
Deprecated

Deprecated APIs in 1.30

The following Beta versions of graduated APIs were previously deprecated in 1.29 in favor of newer versions:

  • flowcontrol.apiserver.k8s.io/v1beta3 FlowSchema, PriorityLevelConfiguration: Deprecated since 1.29, will no longer be served in 1.32. Instead, useflowcontrol.apiserver.k8s.io/v1, which is available since Kubernetes 1.29
  • Thestatus.nodeInfo.kubeProxyVersion field in the Node API is deprecated and will not be populated starting in v1.33. The field is currently populated with the kubelet version, not the kube-proxy version, and might not accurately reflect the kube-proxy version in use. For more information, seeKEP-4004.
Feature

New features in 1.30

The following features are new in Kubernetes 1.30:

Announcement

1.30 is now available in the Rapid channel

Kubernetes 1.30 is now available in the Rapid channel. For more information about the content of Kubernetes 1.30, read theKubernetes 1.30 Release Notes.

Deprecated

Deprecated features in 1.30

The Ceph CephFS (kubernetes.io/cephfs) and RBD (kubernetes.io/rbd) volume plugins are deprecated since 1.28 and will be removed in a future release.

To determine if you have volumes/pods using RBD or Ceph volumes, run the following commands. If either of them print output, then you are using a deprecated volume type:

  • kubectl describe pv | egrep -i 'Type: *(RBD|CephFS)'
  • kubectl describe pod -A | egrep -i 'Type: *(RBD|CephFS)'

Switch to use an RBD or CephFS CSI driver (like the CSI drivers provided in theCeph CSI driver project), or a Google Cloud-managed solution likeFilestore. For more information, refer to the OSS Kubernetes announcement and to theCeph CSI driver project.

Feature

New APIs in 1.30

The following APIs are new in Kubernetes 1.30:

  • admissionregistration.k8s.io/v1ValidatingAdmissionPolicyBinding andValidatingAdmissionPolicy

April 30, 2024

Change

(2024-R11) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • The following versions are no longer available in the Stable channel:
    • 1.25.16-gke.1460000
    • 1.25.16-gke.1537000

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
Feature

AQuick Start Solution andReference Architecture are now available for developing and deploying Retrieval Augmented Generation (RAG) applications on GKE. RAG improves the quality of Large Language Model (LLM) responses for a specific application. For example, RAG can enable a customer service chatbot to access help center articles, a shopping assistant to tap into product catalogs and customer reviews, or a travel booking agent to access up-to-date flight and hotel information.

Feature

In GKE 1.29.2-gke.1355000 and later, GPU workloads using the Accelerator compute class in GKE Autopilot support scheduling multiple GPU pods on a single node. To schedule multiple GPU Pods on the same node, specify thegke-accelerator-count node selector with a value that's higher than the Pod GPU request. For details, seeDeploy GPU workloads in GKE Autopilot.

Feature

You can now configure access to private image registries that use private certificates using a containerd configuration file. For details, seeCustomize containerd configuration in GKE nodes.

April 29, 2024

Feature

Dual-stack LoadBalancer Services are now generally available with GKE. You can now create a dual-stack GKE cluster and expose GKE Services using either IPv4, IPv6 ,or a combination of both, depending on youripFamilyPolicy andipFamilies specs.

To learn more, seeGKE LoadBalancer Service parameters.

Feature

Cloud DNS additive VPC scope is now available in Preview. You can now configure your GKE clusters to add GKE headless Service entries to your Cloud DNS private zone visible from your VPC networks, on top of using Cloud DNS (cluster scope) as your GKE DNS provider.

To learn more, seeCloud DNS scopes for GKE.

April 26, 2024

Feature

GKE Standard clusters now support nested virtualization. For details, including requirements and limitations, seeUse nested VMs with GKE Standard clusters.

Feature

GKE Sandbox supports the use of NVIDIA GPUs (H100, A100, L4, and T4) in Public Preview in GKE version 1.29.2-gke.1108000 and later on both Standard and Autopilot clusters. GKE Sandbox provides an extra layer of security to prevent untrusted code from affecting the host kernel on your cluster nodes. For GPUs, while GKE Sandbox doesn't mitigate all NVIDIA driver vulnerabilities, it helps protect against Linux kernel vulnerabilities. For details, seeGPUs in GKE Sandbox.

Feature

You can now use the node system configuration file in GKE to enable and use Linux huge pages in your Pods. For instructions, seeLinux huge page configuration options.

April 25, 2024

Security

A vulnerability (CVE-2024-26585) was discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes.

For more information, see theGCP-2024-024 security bulletin.

April 24, 2024

Issue

A known issue causes a subset of Pods in GKE Autopilot clusters to occasionally become stuck during termination or creation. As a result, we temporarily disabled bursting in Autopilot clusters that were created or upgraded to version 1.29.2-gke.1060000 and later on or after April 24, 2024. Clusters that enabled bursting prior to April 24, 2024 continue to support bursting.

April 19, 2024

Issue

A bug in the Image streaming feature might cause containers to fail because of missing files.

Containers running on a node with image streaming enabled on specific GKE versions might fail to be created with the following error:

"CreateContainer in sandbox from runtime service failed" err="rpc error: code = Unknown desc = failed to create containerd container: failed to mount [PATH]: too many levels of symbolic links"

The following GKE versions are impacted:

  • All 1.28 versions
  • All 1.29 versions

We're working on fixing this issue. In the meantime, if you're impacted by this issue,disable Image streaming.

April 18, 2024

Change

(2024-R10) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.27.11-gke.1062000 is now the default version in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.25.15-gke.1115000
    • 1.25.16-gke.1041000
    • 1.26.11-gke.1055000
    • 1.27.7-gke.1121002
    • 1.28.3-gke.1203001
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.24 to version1.25.16-gke.1460000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.25 to version1.26.13-gke.1144000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.26.13-gke.1144000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.11-gke.1062000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.7-gke.1026000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.28.7-gke.1026000 is now the default version in the Regular channel.
  • Version1.25.16-gke.1570000 is now available in the Regular channel.
  • The following versions are no longer available in the Regular channel:
    • 1.25.16-gke.1460000
    • 1.27.8-gke.1067004
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.24 to version1.25.16-gke.1537000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.25 to version1.25.16-gke.1537000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.11-gke.1062000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.28 to version1.28.7-gke.1026000 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.29.3-gke.1093000 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.25.16-gke.1596000
    • 1.25.16-gke.1648000
    • 1.26.14-gke.1076000
    • 1.26.14-gke.1133000
    • 1.27.11-gke.1118000
    • 1.27.11-gke.1202000
    • 1.28.7-gke.1026000
    • 1.28.7-gke.1226000
    • 1.29.1-gke.1589017
    • 1.29.2-gke.1521000
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.25.16-gke.1711000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.26.15-gke.1090000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.27.12-gke.1115000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.8-gke.1095000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.29.3-gke.1093000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.3-gke.1093000 with this release.

April 16, 2024

Feature

The Z3 machine family is generally available in Standard clusters running for GKE 1.25 and later. You can select this family by using the--machine-type flag when creating a cluster or node pool. The following limitations apply:

  • Node auto-provisioning for Z3 is supported in 1.29 and later.
  • GKE Autopilot is supported in 1.29 and later.
  • Z3 machines are gracefully terminated during host maintenance.

April 12, 2024

Feature

GPUDirect-TCPX is now supported on GKE version 1.27 and later and requires the following patch versions:

  • For GKE version 1.27, use GKE patch version 1.27.7-gke.1121000 or later.
  • For GKE version 1.28, use GKE patch version 1.28.8-gke.1095000 or later.
  • For GKE version 1.29, use GKE patch version 1.29.3-gke.1093000 or later.

To use GPUDirect-TCPX, seeMaximize GPU network bandwidth with GPUDirect-TCPX and multi-networking.

April 10, 2024

Change

This note was updated on June 3, 2024. The GKE version required for N4 machine type support has been updated.

Change

This note was updated on June 3, 2024. The GKE version required for N4 machine type support has been updated.

Feature

The N4 machine family is generally available in GKE Standard clusters running on GKE 1.29.3-gke.1121000 and later. You can select this family by using the--machine-type flag when creating a cluster or node pool. The following limitations apply:

  • Confidential GKE nodes is not supported.
  • Local SSD is not supported.
  • hyperdisk-balanced is the only supported boot disk type.

April 09, 2024

Feature

Cloud Tensor Processing Units (TPUs) are now available in GKE Autopilot clusters running version 1.29.2-gke.1521000 or later. To learn more, visitDeploy TPU workloads on GKE Autopilot.

April 08, 2024

Change

(2024-R09) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • There are no new releases in the Stable release channel.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • There are no new releases in the Regular release channel.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

April 05, 2024

Feature

GPU NVIDIA Multi-Process Service (MPS) is available in version 1.27.7-gke.1088000 and later, which allows multiple workloads toshare a single NVIDIA GPU hardware accelerator with NVIDIA MPS.

April 04, 2024

Security

A Denial-of-Service (DoS) vulnerability (CVE-2023-45288) was recently discovered in multiple implementations of the HTTP/2 protocol, including the golang HTTP server used by Kubernetes. The vulnerability could lead to a DoS of the Google Kubernetes Engine (GKE) control plane.

For more information, see theGCP-2024-022 security bulletin.

April 03, 2024

Feature

GKE threat detection is now available in Preview. Threats against the Kubernetes control plane impacting your GKE Enterprise clusters are now visible in the GKE security posture dashboard. To learn more, seeAbout GKE threat detection.

Feature

The GKE compliance dashboard now offers compliance evaluation for CIS Kubernetes Benchmark 1.5, Pod Security Standards (PSS) Baseline, and PSS Restricted standards in Preview. To learn more, seeAbout the compliance dashboard.

April 02, 2024

Feature

Observability for Google Kubernetes Engine: Added a dashboard for Tensor Processing Unit (TPU) metrics on the Observability tab of both the cluster listing and cluster details pages for GKE clusters. The charts on this dashboard are populated with data only if the clusterhas TPU nodes andGKE system metrics is enabled. For more information, seeView observability metrics.

March 20, 2024

Change

(2024-R08) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

March 19, 2024

Issue

Workloads running on GKE clusters with COS-based nodes may experience DNS resolution issues. The likelihood of impact is low and not all clusters are impacted. The issue is resolved on the following minimal GKE node versions:

  • For 1.27: 1.27.11-gke.1118000
  • For 1.28: 1.28.7-gke.1100000
  • For 1.29: 1.29.2-gke.1217000

Clusters with a node version that is lower than 1.27.3-gke.1200 are not affected.

Feature

Cilium cluster-wide network policies are now generally available with the following GKE versions:

  • 1.28.6-gke.1095000 or later
  • 1.29.1-gke.1016000 or later

You can now control your GKE workloads' ingress and egress traffic cluster-wide, without being bound to a namespace for your network policies. This new capability is intended to streamline network policies for GKE platform administrators looking for a uniform way to apply policies across namespaces or application teams.

Cilium cluster-wide network policy is available in allGKE editions.

To learn more, readControl cluster-wide communication using network policies.

March 15, 2024

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2024-1085

For more information, see theGCP-2024-018 security bulletin.

March 14, 2024

Fixed

A previous version of the GKE logging agent that rolled out in GKE version 1.28.7-gke.1100000 contained a security vulnerability. This version has been immediately removed.

March 11, 2024

Feature

Private clusters created on GKE versions 1.29.0-gke.1384000 and later usePrivate Service Connect (PSC) for nodes to privately communicate with the control plane. There is no price increase for using GKE private clusters running on PSC.

For private clusters created with a different GKE version, the clusters continue to useVPC Peering for node-to-control plane communication.

Feature

Secret Manager add-on for GKE is now available. With the add-on, you can access the secrets stored in Secret Manager as volumes mounted in Kubernetes Pods. The add-on is supported on Standard and Autopilot clusters versioned 1.29 and later. For more info, seeUse Secret Manager add-on with GKE.

Feature

Opportunistic bursting and lower Pod minimums are now available on newly created GKE Autopilot clusters at version 1.29.2-gke.1060000 or later, and on existing clusters created at 1.26 or later that have been fully upgraded (including all nodes) to 1.29.2-gke.1060000 or later. To learn more, seeConfigure Pod bursting on GKE.

March 08, 2024

Fixed

For GKE versions later than 1.29.1-gke.1760000, the NEG, Ingress, L4 internal load balancer withsubsetting, andL4 RBS controllers will skip processing the nodes missing thetopology.kubernetes.io/zone label until the zone information is ready. The load balancer controllers will no longer block sync operations when a node is introduced without the label.

Fixed

Managed ASM installation and node scaling fails on GKE Autopilot clusters on versions between 1.28.6-gke.1095000 and 1.28.7-gke.1025000 and on versions between 1.29.1-gke.1016000 and 1.29.1-gke.1781000. To mitigate this issue,upgrade the cluster to version 1.28.7-gke.1026000 or later, or 1.29.2-gke.1060000 or later.

With 2024-R07, clusters created in the Rapid channel are defaulting to an affected version. To avoid creating a cluster on an affected version,manually specify version 1.28.7-gke.1026000 or later, or 1.29.2-gke.1060000 or later when creating clusters in the Rapid channel.

March 07, 2024

Change

(2024-R07) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.29.1-gke.1589017 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.25.16-gke.1537000
    • 1.26.14-gke.1006000
    • 1.27.11-gke.1018000
    • 1.28.6-gke.1456000
    • 1.29.0-gke.1381000
    • 1.29.1-gke.1589000
    • 1.29.2-gke.1060000
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.25.16-gke.1570000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.26.14-gke.1044000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.27.11-gke.1062000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.11-gke.1062000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.29 to version1.29.1-gke.1589017 with this release.
Change

Starting in GKE 1.29.2-gke.1035000, you can configure Identity-Aware Proxy (IAP) with Google Managed OAuth Client for load balancers configured through GKE Ingress. To learn more, seeIngress configuration on Google Cloud.

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2023-3611

For more information, see theGCP-2024-017 security bulletin.

Feature

You can nowpreload data or container images in new nodes to get fast workload deployment and auto scaling. This feature is available in Preview starting from GKE version 1.28.3-gke.1067000.

March 04, 2024

Change

(2024-R06) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • There are no new releases in the Regular release channel.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
Feature

NVIDIA H100 (80 GB) GPUs arenow available in GKE Autopilot mode in versions 1.28.6-gke.1369000 or later, and 1.29.1-gke.1575000 or later.

Feature

GPU workloads running in Autopilot mode can now be configured using theAccelerator Compute Class. This configuration supports resource reservations, Compute Engine committed use discounts, and a new pricing model in GKE versions 1.28.6-gke.1095000 and later, and 1.29.1-gke.1143000 and later.

February 28, 2024

Feature

ThePerformance Compute Class, designed for running whole-machine CPU workloads, is available in Autopilot mode from versions 1.28.6-gke.1369000 and 1.29.1-gke.1575000 and later.

February 26, 2024

Change

This note was updated on March 20, 2024. The links to the security bulletins related to CVE-2024-0193 and CVE-2023-3610 have been updated.

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

Feature

GKE now supports Gemma (2B, 7B), Google's new state-of-the-art open models. To learn more, refer to the following guides:

Deployment to GKE is also supported via Vertex AI Model Garden as part of our Hugging Face, Vertex AI, and GKE integration.

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2024-0193

For more information, see theGCP-2024-012 security bulletin.

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2023-3610

For more information, see theGCP-2024-013 security bulletin.

February 23, 2024

Change

(2024-R05) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • There are no new releases in the Stable release channel.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

February 21, 2024

Feature

TheGKE Stateful HA Operator is now available in GA starting in GKE versions 1.28.5-gke.1113000 and later, or 1.29.0-gke.1272000 and later. The GKE Stateful HA Operator is enabled in new Autopilot clusters and opt-in for new Standard clusters.

February 20, 2024

Issue

A bug in the image streaming feature might cause containers to fail because of a missing file or files.

Containers running on a node with image streaming enabled on the following versions might fail to start or run with errors informing that certain files don't exist. The following are examples of such errors:

  • No such file or directory
  • Executable file not found in $PATH

The following GKE versions are impacted:

  • For 1.27: 1.27.10-gke.1077000 and later
  • For 1.28: All 1.28 versions
  • For 1.29: All 1.29 versions

GKE is working on fixing the issue. In the meantime, if you are impacted by this issue, pleasedisable image streaming.

Feature

You can now use the GKE API to apply Resource Manager tags to your GKE nodes. GKE attaches these tags to the underlying Compute Engine VMs. You can use these tags toselectively enforce Cloud Firewall network firewall policies. This feature is generally available in GKE version 1.28 and later.

Feature

Kubernetes Engine best practice observability packages, includingcontrol plane logs,control plane metrics, andkube state metrics are now enabled by default for newmanaged GKE Enterprise clusters to ensure availability of necessary data when it's needed for troubleshooting or optimization. Control plane metrics and kube state metrics areincluded in GKEEnterprise Edition atno additional charge.

Feature

GKE now delivers insights and recommendations if your cluster'sCertificate Authority (CA) is expired or will expire in the next 180 days. To learn more, seeFind clusters with expiring or expired credentials.

February 16, 2024

Issue

The following GKE versions might cause Ubuntu node pools to enter an unhealthy state. Don't create or upgrade your Ubuntu node pools using these versions:

  • 1.25.16-gke.1497000
  • 1.26.13-gke.1189000
Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2023-6932

For more information, see theGCP-2024-011 security bulletin.

February 15, 2024

Issue

HorizontalPodAutoscaler (HPA) and VerticalPodAutoscaler (VPA) may stop autoscaling all workloads in a cluster if it contains misconfiguredautoscaling/v2 HPA objects. The issue impacts clusters running earlier patch versions of GKE version 1.27 and 1.28 (for example, 1.27.3-gke.100).

The fix is available in following cluster versions:

  • 1.27.5-gke.1300 and later
  • 1.28.1-gke.1400 and later
  • 1.29 and later

We recommend that affected customers upgrade clusters to these versions to prevent HPA and VPA from misbehaving when there is at least one misconfigured HPA object.

We recommend that affected customers correct misconfiguredautoscaling/v2 HPA objects by making sure the fields inspec.metrics.resource.target match, for example:

  • Whenspec.metrics.resource.target.type isUtilization then target should beaverageUtilization;
  • Whenspec.metrics.resource.target.type isAverageValue then target should beaverageValue.

For more details on how to configureautoscaling/v2 HPA objects, see theHorizontalPodAutoscaler Kubernetes documentation.

February 14, 2024

Security

The following vulnerabilities were discovered in the Linux kernel that can leadto a privilege escalation on Container-Optimized OS and Ubuntu nodes.

  • CVE-2023-6931

For more information, see theGCP-2024-010 security bulletin.

February 13, 2024

Change

(2024-R04) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • There are no new releases in the Stable release channel.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

February 09, 2024

Fixed

The following GKE versions fix a memory leak issue with the Google Cloud Storage FUSE CSI driver DaemonSet Pod:

  • 1.25.16-gke.1360000 and later
  • 1.26.13-gke.1052000 and later
  • 1.27.10-gke.1055000 and later
  • 1.28.6-gke.1095000 and later
  • 1.29.1-gke.1425000 and later

February 08, 2024

Change

The 2024-R03 release notes were updated on June 5th, 2024 with the following:

Stable channel

Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version 1.27.7-gke.1121002 with this release, not 1.28.3-gke.1203001 as previously stated.

Change

(2024-R03) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.27.7-gke.1121002 is now the default version in the Stable channel.
  • Version1.28.3-gke.1286000 is now available in the Stable channel.
  • Version 1.27.3-gke.100 is no longer available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.28.3-gke.1203001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.28 to version1.28.3-gke.1203001 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.
  • Version1.27.8-gke.1067004 is now the default version in the Regular channel.
  • The following versions are no longer available in the Regular channel:
    • 1.26.6-gke.1700
    • 1.27.3-gke.100
    • 1.28.3-gke.1118000
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.25 to version1.26.11-gke.1055000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.26.11-gke.1055000 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

February 06, 2024

Issue

Clusters on control plane versions 1.26.6-gke.1900 and later might encounter intermittent connection establishment failures.

The chances of failures are low and it doesn't affect all clusters. The failures should stop completely after a few days since the symptom onset.

Alternatively, upgrade to the following versions instead, which are not affected by this issue:

  • 1.26.13-gke.1052000 and later.
  • 1.27.10-gke.1055000 and later.
  • 1.28.6-gke.1095000 and later.
  • 1.29.1-gke.1016000 and later.

February 02, 2024

Feature

FQDN network policies are now generally available with the following GKE versions:

  • 1.26.4-gke.500 and later.
  • 1.27.1-gke.400 and later.
  • 1.28 and later.

You can further control your GKE workloads' egress traffic to a public or private service or endpoint by using a network policy matching a fully-qualified domain name or a regular expression.

FQDN Network Policy is only available and supported withGKE Enterprise.

To learn more, readControl Pod egress traffic using FQDN network policies.

February 01, 2024

Security

A security vulnerability, CVE-2024-21626, has been discovered inrunc where a user with permission to create Pods on Container-Optimized OS and Ubuntu nodes might be able to gain full access to the node file system.

For instructions and more details, see theGCP-2024-005 security bulletin.

Feature

You can now encrypt Pod-to-Pod traffic between nodes in the same cluster or in a multi-cluster environment natively with GKE. Inter-node transparent encryption is now generally available, only with GKE Enterprise, for GKE clusters in the following versions:

  • 1.26.9-gke.1024000 and later.
  • 1.27.6-gke.1506000 and later.
  • 1.28.2-gke.1098000 and later.
  • 1.29 and later.

To learn more, seeEncrypt your data in-transit in GKE with user-managed encryption keys.

January 31, 2024

Feature

Theafrica-south1 region in Johannesburg, South Africa is now available.

January 26, 2024

Change

(2024-R02) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.29.0-gke.1381000 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.24.17-gke.2364000
    • 1.24.17-gke.2472000
    • 1.25.16-gke.1041000
    • 1.26.11-gke.1055000
    • 1.27.8-gke.1067000
    • 1.28.3-gke.1203001
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.25.16-gke.1268000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.26.12-gke.1111000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.27.9-gke.1092000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.3-gke.1286000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.3-gke.1286000 with this release.
Issue

Clusters that are running GPUs and are upgraded from 1.26 to a 1.27 patch version earlier than 1.27.8 might experience issues with their nodes' GPU device plugins (nvidia-gpu-device-plugin). Do the following steps depending on the state of your cluster:

  • If your cluster is running version 1.26 and has GPUs, don't manually upgrade your cluster until version 1.27.8 is available in your cluster's release channel. As of the publishing date of this release note, 1.27.8 patch versions are available in the Rapid and Regular channels.
  • If your cluster is running an earlier 1.27 patch version and the nodes are affected, restart the nodes or manually delete thenvidia-gpu-device-plugin Pod on the nodes (the add-on manager will create a new working plugin).
  • If your cluster is using auto-upgrades, this doesn't affect you as automatic upgrades will only move clusters to patch versions with the fix.

January 24, 2024

Security

The following vulnerability was discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes:

  • CVE-2023-6817

For instructions and more details, see theGCP-2024-004 security bulletin.

January 22, 2024

Security

We have identified several clusters where users have granted Kubernetes privileges to thesystem:authenticated group, which includes all users with a Google account. These types of bindings arenot recommended, as they violate the principle of least privilege and grant access to very large groups of users. See guidance under 'What should I do' for instructions on how to find these types of bindings.

For more information, see theGCP-2024-003 security bulletin.

January 19, 2024

Change
Note: This is a correction of theAug 29, 2023 release note, which incorrectly stated the qualifying patch versions for TPUs. See theavailability chart for version qualification information.

You can create Cloud Tensor Processing Unit (TPU) nodes in GKE to run AI workloads, from training to inference models. GKE manages your cluster by automating TPU resource provisioning, scaling, scheduling, repairing, and upgrading. GKE provides TPU infrastructure metrics in Cloud Monitoring, TPU logs, and error reports for better visibility and monitoring of TPU node pools in GKE clusters. TPUs are available with GKE Standard clusters. To learn more, seeAbout TPUs in GKE. SeeTPU availability in GKE to find the TPU availability depending on the machine type and version.

January 18, 2024

Security

The following vulnerability was discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS nodes:

  • CVE-2023-6111

For instructions and more details, see theGKE security bulletin.

January 11, 2024

Change

(2024-R01) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.28.3-gke.1286000 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.24.17-gke.2347000
    • 1.25.16-gke.1020000
    • 1.26.10-gke.1235000
    • 1.27.5-gke.200
    • 1.27.7-gke.1293000
    • 1.28.4-gke.1083000
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.17-gke.2364000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.25.16-gke.1041000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.26.11-gke.1055000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.27.8-gke.1067000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.28.3-gke.1203001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.3-gke.1203001 with this release.
Change

1.29 is now available in the Rapid channel

Kubernetes 1.29 is now available in the Rapid channel. For more information about the content of Kubernetes 1.29, read theKubernetes 1.29 Release Notes.

Deprecated

Removed APIs

The following Beta versions of graduated APIs areremoved in 1.29in favor of newer versions:

  • flowcontrol.apiserver.k8s.io/v1beta2 FlowSchema,PriorityLevelConfiguration
    • Deprecated since 1.26
    • Instead, useflowcontrol.apiserver.k8s.io/v1beta3 available since 1.26, orflowcontrol.apiserver.k8s.io/v1, available since 1.29
Deprecated

Removed SHA-1 certificate support

  • Starting from version 1.29, GKE no longer supports webhook backends that use TLS certificates signed with the insecure SHA-1 algorithm. To prevent impact on your clusters, you must replace incompatible certificates ofwebhook servers andextension API servers before upgrading your clusters to version 1.29.
  • GKE will not auto-upgrade clusters with webhook backends using incompatible certificates to 1.29 until you replace the certificates or until version 1.28 reaches end of life. For more information, refer toEnsure compatibility of TLS certificates before upgrading to GKE 1.29.
Deprecated

Deprecated APIs

  • The following Beta versions of graduated APIs aredeprecated in 1.29 in favor of newer versions:
    • flowcontrol.apiserver.k8s.io/v1beta3 FlowSchema,PriorityLevelConfiguration
      • Deprecated since 1.29
      • Instead, useflowcontrol.apiserver.k8s.io/v1, available since 1.29
  • Thestatus.nodeInfo.kubeProxyVersion field in the Node API is deprecated and will not be populated starting in version 1.33. The field is currently populated with the kubelet version, not the kube-proxy version, and might not accurately reflect the kube-proxy version in use. For more information, seeKEP-4004.
Change

New Features

Deprecated

Deprecated in-tree volume support

  • The Ceph CephFS (kubernetes.io/cephfs) and RBD (kubernetes.io/rbd) volume plugins are deprecated in 1.28 and will be removed in a future release.
  • To determine if you have volumes or Pods using RBD or Ceph volumes, run the following commands. If either of them print output, then you are using a deprecated volume type.
    • kubectl describe pv | egrep -i 'Type: *(RBD|CephFS)'
    • kubectl describe pod -A | egrep -i 'Type: *(RBD|CephFS)'
  • Switch to use an RBD or CephFS CSI driver, such as the drivers provided in theCeph CSI GitHub repo, or use a Google-managed solution such asFilestore.
  • For more information, refer to theOSS Kubernetes announcement and theCeph CSI GitHub repo.
Change

New APIs

  • flowcontrol.apiserver.k8s.io/v1 FlowSchema,PriorityLevelConfiguration
    • Notable changes inflowcontrol.apiserver.k8s.io/v1:
      • The PriorityLevelConfigurationspec.limited.nominalConcurrencyShares field only defaults to 30 when unspecified, and an explicit value of 0 is not changed to 30.

January 08, 2024

Change

GKE clusters in Autopilot mode no longer require workload-level logging to be enabled. Pass--logging=SYSTEM tocreate-auto orupdate to disable workload logs.

December 19, 2023

Feature

You can now modify thevm.max_map_count Linux kernel attribute for nodes in a GKE Standard cluster node pool using the node system configuration. To learn more, seeSysctl configuration options.

December 18, 2023

Feature

All newly created Google Kubernetes Engine (GKE) Autopilot clusters starting with 1.27.4-gke.900 will automatically collect and send metrics from thekube-state-metrics package toManaged Service for Prometheus.

Feature

The GKE NEG controller now supports IPv6 endpoints with GKE version 1.28.4-gke.1083000 and later.

With this new capability, when you create a dual stack Service in a dual stack GKE cluster, any NEGs associated with the Service will now contain both IPv4 and IPv6 endpoints. Existing dual stack Services utilizing NEGs (i.e. Ingress, Services using Standalone NEGs) will be migrated from "IPv4 only" endpoints to "IPv4 + IPv6" endpoints.

The migration will be completed in approximately one hour. In the event that a NEG contains a single endpoint, you might experience brief downtime of approximately 1-2 minutes during the migration of that endpoint.

Note that Having IPv6 endpoints in NEGs doesn't necessarily mean that the load balancer uses IPv6 for communication. How the load balancer communicates with your Pod depends on how the BackendService is configured, such as fields likeIpAddressSelectionPolicy.

December 15, 2023

Feature

TheObservability tab in the cluster details page for each cluster and in the GKE cluster list page now shows GPU metrics if the cluster has GPU nodes. For more information, seeView observability metrics.

December 14, 2023

Security

An attacker who has compromised the Fluent Bit logging container could combine that access with high privileges required by Anthos Service Mesh (on clusters that have enabled it) to escalate privileges in the cluster.

For more information, see theGCP-2023-047 security bulletin.

Issue

We've identified an issue with configuring TLS for Gateways in clusters running GKE version 1.28.4-gke.1083000. This affects TLS configurations using either anSSLCertificate or aCertificateMap. If you're upgrading a cluster with existing Gateways, updates made to the Gateway will fail. For brand new Gateways, the load balancers won't be provisioned. This issue will be fixed in an upcoming GKE 1.28 patch version.

December 12, 2023

Change

(2023-R26) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters.

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Stable channel

There are no new releases in the Stable channel.

Regular channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts are already in progresswhen we publish the release notes, and can take multiple days to complete across all Google Cloudzones.

December 06, 2023

Fixed

This is an update to the release note regarding the Dataplane V2 issue published onSeptember 07, 2023. The issue, which affected GKE version 1.26, is fixed in control plane versions 1.26.9-gke.1507000 and later. Automatic upgrades will only move clusters to the patched versions.

December 04, 2023

Change

(2023-R25) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.28.3-gke.1203001 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.24.17-gke.200
    • 1.24.17-gke.2113000
    • 1.24.17-gke.2155000
    • 1.24.17-gke.2230000
    • 1.25.13-gke.200
    • 1.25.14-gke.1421000
    • 1.25.14-gke.1474000
    • 1.25.15-gke.1083000
    • 1.26.8-gke.200
    • 1.26.9-gke.1437000
    • 1.26.9-gke.1507000
    • 1.26.10-gke.1073000
    • 1.27.4-gke.900
    • 1.27.6-gke.1248000
    • 1.27.6-gke.1445000
    • 1.27.7-gke.1088000
    • 1.28.2-gke.1157000
    • 1.28.3-gke.1090000
    • 1.28.3-gke.1118000
    • 1.28.3-gke.1203000
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.17-gke.2266000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.24.17-gke.2266000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.26.10-gke.1101000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.27.5-gke.200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.5-gke.200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.3-gke.1203001 with this release.

November 29, 2023

Fixed

The following GKE versions fix an issue that could cause the NVIDIA GPU driver installer image to be garbage collected on Container-optimized OS nodes:

  • 1.25.15-gke.1040000 and later
  • 1.26.10-gke.1030000 and later
  • 1.27.6-gke.1513000 and later
  • 1.28.3-gke.1061000 and later
Feature

Starting in GKE 1.27.7, you can configure your workloads to use TPU reservations withnode auto-provisioning.

Feature

Starting in GKE version 1.27.6-gke.1248000, clusters in Autopilot mode detect nodes that can't fit all DaemonSets and, over time, migrate workloads to larger nodes that can fit all DaemonSets. For more information, seeBest practices for DaemonSets on Autopilot.

November 22, 2023

Security

A vulnerability (CVE-2023-5717) has been discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes.

GKE clusters are impacted.

For more information, see theGCP-2023-046 security bulletin.

November 17, 2023

Change

(2023-R24) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • There are no new releases in the Stable release channel.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • There are no new releases in the Regular release channel.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
Feature

You can now run workloads on L4 GPUs in Autopilot clusters that use GKE version 1.28.3-gke.1203000 and later. For instructions, seeDeploy GPU workloads in Autopilot.

November 15, 2023

Feature

Dynamic Workload Scheduler support on GKE through the Provisioning Request API launched in Preview in version 1.28. Use the Dynamic Workload Scheduler to get large atomic sets of available GPU models in GKE Standard clusters. For more information, seeDeploy GPUs for batch workloads with ProvisioningRequest.

November 14, 2023

Security

The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes.

  • CVE-2023-4147

For more information, seethe GCP-2023-042 security bulletin.

November 10, 2023

Security

A vulnerability (CVE-2023-4004) has been discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes. GKE clusters are impacted. For more information, see theGCP-2023-041 security bulletin.

Feature

TheObservability tab for a GKE deployment now shows application performance metrics if the metrics are available. The supported metric sources include Istio, GKE Ingress, NGINX Ingress and gRPC, and HTTP metrics collected by using Google Managed Service for Prometheus. For more information, seeUse application performance metrics.

November 09, 2023

Change

(2023-R23) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
Feature

GKE Infrastructure Dashboards and Metrics Packages are now generally available for both GKE Autopilot and Standard clusters with control plane version 1.27.2-gke.1200 and later.

You can now configure your Autopilot or Standard clusters to export a predefined list of metrics emitted by GKE managed kube-state-metrics (KSM) for workloads state and persistent storage. The component will run in the GKE system namespace "gke-managed-cim" to collect the metrics using Google Cloud Managed Service for Prometheus and send them to Cloud Monitoring. You canview the metrics in the newPersistent andWorkloads State dashboards in the Observability tab.

November 08, 2023

Feature

New inference-focused Cloud Tensor Processing Unit (TPU) v5e machine types are available in GKE. These single-host TPU VMs are designed for inference workloads and contain one, four, or eight TPU v5e chips. Thesethree new TPU v5e machine types (ct5l-hightpu-1t,ct5l-hightpu-4t, andct5l-hightpu-8t) are currently available in theus-central1-a andeurope-west4-b zones.

Feature

Cloud Tensor Processing Unit (TPU) v5e isgenerally available in clusters running GKE version 1.27.2-gke.2100 and later.

TPU v5e is purpose-built to bring the cost-efficiency and performance required for medium- and large-scale training and inference. TPU v5e delivers up to 2x higher training performance per dollar and up to 2.5x inference performance per dollar for LLMs and gen AI models compared to Cloud TPU v4. At less than half the cost of TPU v4, TPU v5e makes it possible for more organizations to train and deploy larger, more complex AI models.

November 07, 2023

Security

A set of vulnerabilities (CVE-2023-4015, CVE-2023-4623, CVE-2023-4623, CVE-2023-4921) have been discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes.

GKE clusters are impacted.

For more information, see the following security bulletins:

Change

GKE begins automatically upgrading clusters still running version 1.24 to version 1.25 after1.24 reaches end of life on January 8, 2024. We extended this date from October 31, 2023 to minimize disruptions around the end-of-year holiday period, and will provide patches only for critical vulnerabilities during this extended period. To learn more about the GKE minor version lifecycle, seeGKE versioning and support. GKE continues topause automatic upgrades until January 8, 2024 for clusters still using deprecated APIs removed in version 1.25, includingbeta APIs andPodSecurityPolicy. We recommend that you upgrade your clusters to version 1.25 as soon as possible as GKE minor versions that have reached end of life will no longer receive security patches and bug fixes.

November 02, 2023

Fixed

A bug that caused failures when many concurrent operations were run on the same cluster (such as when creating multiple node pools) has been fixed.

October 31, 2023

Feature

GKE multi-cluster Gateway is now generally available in GKE versions 1.24 and later for GKE Standard clusters, and versions 1.26 and later for GKE Autopilot clusters. Use theGateway API to express the intent of your inbound HTTP(S) traffic into your fleet of GKE clusters. Themulti-cluster Gateway controller deploys and manages theApplication Load Balancers that forward traffic to your applications. To learn more, seeEnable multi-cluster Gateways. For the list of supported Cloud Load Balancers and their features, refer toGatewayClass capabilities.

October 30, 2023

Change

You can now useGKE node service account insights to troubleshoot common GKE node service account issues. These insights are available in theNetwork Analyzer and theRecommender API.

October 23, 2023

Fixed

TheCloud Storage FUSE CSI driver now enforces injected sidecar containers to follow theRestricted Pod security standard. This change is available inv0.1.6 of the driver, and in GKE clusters with control planes running the following versions: 1.24.17-gke.2146000, 1.25.14-gke.1466000, 1.26.9-gke.1494000, 1.27.6-gke.1506000, and 1.28.2-gke.1157000 or later.

October 20, 2023

Fixed

New Autopilot clusters created with versions 1.24.17-gke.2146000, 1.25.14-gke.1466000, and 1.26.9-gke.1494000 or later are now provisioned with e2-small default nodes, which are removed immediately after cluster creation. With this change, DaemonSets are guaranteed to schedule on all candidate nodes if you followbest practices for DaemonSets on Autopilot.

Feature

You can now use the GKE API to apply Resource Manager tags to your GKE resources. GKE attaches these tags to the underlying Compute Engine VMs. You can use these tags toselectively enforce Cloud Firewall network firewall policies. This feature is available in Public Preview in GKE version 1.28 and later.

October 19, 2023

Change

(2023-R22) Version updates

GKE cluster versions have been updated. There are no version updates for 2023-R21.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Stable channel

  • There are no new releases in the Stable release channel.

Regular channel

  • There are no new releases in the Regular release channel.

Rapid channel

Feature

Compute resources can now be reserved in advance for use with GKE. Create afuture reservation to request assurance of important or difficult-to-obtain capacity in advance. There are no additional costs for creating future reservation requests. You only start to pay when Compute Engine provisions the reserved resources, and you're charged at the same cost as on-demand reservations.

October 16, 2023

Feature

Filestore Enterprise now supports backups on GKE, allowing you to make reliable copies of your data to be stored for later use. To trigger backups on Filestore Enterprise, useKubernetes volume snapshots. Backups are currently not supported for Filestore Enterprise instances withmultishares enabled.

October 13, 2023

Change

(2023-R20) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Stable channel

  • There are no new releases in the Stable release channel.

Regular channel

  • There are no new releases in the Regular release channel.

Rapid channel

Change

Containers running in nodes in GKE version 1.28.1-gke.201 or later don't need to have privileged mode enabled to access TPUs. When upgrading a cluster to 1.28.1-gke.201 or later, we recommend removingprivileged: true from thesecurityContext of any TPU workload. To learn more, seeDeploy TPU workloads.

Feature

Starting in GKE 1.28.1-gke.1066000,two new TPU usage metrics are available: TensorCore utilization and Memory Bandwidth utilization.

October 10, 2023

Security

A Denial-of-Service (DoS) vulnerability was recently discovered in multiple implementations of the HTTP/2 protocol (CVE-2023-44487), including the golang HTTP server used by Kubernetes. The vulnerability could lead to a DoS of the Google Kubernetes Engine (GKE) control plane. GKE clusters with authorized networks configured are protected by limiting network access, but all other clusters are affected. For more information, see theGCP-2023-030 security bulletin.

October 09, 2023

Feature

If you are using athird generation machine series (for example, C3), GKE configures Local SSD volumes as the local ephemeral storage by default. You no longer need to specify the--ephemeral-storage-local-ssd flag when provisioning clusters or node pools. When you configure Local SSD volumes as raw block storage with the--local-nvme-ssd-block flag, specifying thecount value is now optional.

October 06, 2023

Change

A previously published release note onDecember 14, 2022 has been updated. Support for migration of GKE Autopilot clusters' datapath provider to Dataplane V2 has been paused. We will update this release note when migration support resumes.

October 05, 2023

Change

(2023-R19) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Stable channel

  • The following version is no longer available in the Stable channel: 1.26.5-gke.2100

Regular channel

  • There are no new releases in the Regular release channel.

Rapid channel

Fixed

An issue was previously reported with running certain commands in container images when Image streaming is enabled. See theAugust 31, 2023 release note for details. This issue is fixed in the following minor versions:

  • 1.25 with the patch versions 1.25.14-gke.1351000 and later.
  • 1.25 with the patch versions 1.26.9-gke.1345000 and later.
  • 1.27 with the patch versions 1.27.6-gke.100 and later.
  • 1.28 with the patch version 1.28.1-gke.1157000 and later.

To receive the fix, upgrade your nodes to an applicable patch version.

October 04, 2023

Issue

Log rotation is misconfigured on nodes running a COS-based image type (cos_containerd). This affects all COS-based nodes running version 1.28 or higher. As a result of this issue, your logs may fill up the disk and cause your nodes to be marked as 'Not Ready' and to be auto-repaired. As a workaround, use aprivileged DaemonSet to change the logrotate path to/usr/bin/ instead of/usr/sbin/ in Systemd unitkube-logrotate.service.

October 02, 2023

Feature

GKE now delivers insights and recommendations if users have installed webhooks that intercept system resources or webhooks that have no available endpoints. To learn more, seeEnsure control plane stability when using webhooks.

September 29, 2023

Fixed

This is a follow-up message to the release note regarding blue-green upgrades fromSeptember 18, 2023. You can now resume upgrading clusters with the blue-green upgrade strategy as the issue with rollback functionality has been fixed. GKE is no longer blocking automatic upgrades due to this issue.

September 21, 2023

Change
Note: This is a correction of theNovember 07, 2022 release note, which omitted the applicable version numbers for this feature.

When you create a LoadBalancer service in GKE, the Google Cloud controllers automatically create the followingfirewall rules and apply them to the GKE nodes to allow inbound connections on the Service port:

  • Internal load balancer with GKE subsetting or external load balancer with regional backend services (RBS):k8s2-[cluster-id]-[namespace]-[service-name]-[suffixhash]
  • Internal load balancer without GKE subsetting or external load balancer with target pool:k8s-fw-[loadbalancer-hash]

For clusters running version 1.25 or later, these rules now include the load balancer IP address in the destination ranges field to further control the inbound connections to the nodes. You can use thegcloud compute firewall-rules describe command to check a relevant firewall. The new field in the output is similar to the following:

destinationRanges:- [LOADBALANCER_VIRTUAL_IP_ADDRESS]

For services that useexternalIP, ensure you have firewall rules that allow traffic to the specified IP addresses.

Feature

The Observability dashboards on the GKE Clusters List, Cluster Details, and Workload List pages are now customizable. Additionally, the Cluster Details dashboards can be customized across the entire project, or per-cluster for specific use cases.

September 19, 2023

Feature

Theme-central2 region in Dammam, Saudi Arabia is now available.

September 18, 2023

Change

GKE clusters running version 1.28 or later block new bindings of ClusterRolecluster-admin to Usersystem:anonymous, Groupsystem:authenticated, or Groupsystem:unauthenticated due to the security risks of these bindings. GKE does not block existing bindings.

Issue

GKE has temporarily paused all automatic node upgrades due to an issue withblue-green upgrades rollback functionality. You can stillmanually upgrade node pools with thesurge upgrade strategy. Do not manually upgrade node pools with blue-green upgrades. GKE is working on a fix for this issue and will post a follow-up note here when the issue is fixed and automatic upgrades resume.

September 12, 2023

Feature

You can now use node auto-provisioning for TPU slices. With this feature, Standard clusters with GKE version 1.28 and later provision TPU node pools and multi-host TPU accelerators automatically to ensure the capacity required to schedule AI/ML workloads. To learn more, seeConfiguring TPU node auto-provisioning.

September 11, 2023

Fixed

Compute Engine persistent disk CSI Driversdeployed on clusters running version 1.26 and later now support filesystem size expansion during restoration from a snapshot or a clone when the PVC data source is larger than the original volume. For more information, see theGitHub pull request.

September 07, 2023

Issue

For GKE clusters usingDataplane V2, upgrades to GKE version 1.26 might cause GKE to temporarily be unable to configure workloads. In some cases, this might cause existing workloads to temporarily lose networking access. This issue does not impact new clusters and GKE clusters not using Dataplane V2. For clusters running version 1.25 with Dataplane V2 enabled, GKE has temporarily disabled auto-upgrades to version 1.26. We recommend that customers not manually upgrade their Dataplane V2-enabled cluster to GKE version 1.26. This is a known issue for GKE version 1.26 and will be fixed in a future patch version of 1.26.

Security

Three vulnerabilities (CVE-2023-3676, CVE-2023-3955, CVE-2023-3893) have been discovered in Kubernetes where a user that can create Pods on Windows nodes may be able to escalate to admin privileges on those nodes. These vulnerabilities affect the Windows versions of Kubelet and the Kubernetes CSI proxy.

GKE clusters are only affected if they include Windows nodes.

For more information, see theGCP-2023-026 security bulletin.

Issue

With the recently released version of GKE, version 1.28, you cannot yet use theSidecarContainer feature withalpha clusters. Pods defining restartable Init containers will not start. This is a known issue that will be resolved in a future release.

September 05, 2023

Change

(2023-R18) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

  • The following control plane and node versions are now available:

  • The following control plane versions are no longer available: 1.23.17-gke.8400, 1.23.17-gke.10000, 1.23.17-gke.10700, 1.24.14-gke.1400, 1.24.14-gke.2100, 1.25.10-gke.2100, 1.26.5-gke.1400

  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.23 to version1.24.14-gke.2700 with this release.

  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.24 to version1.25.10-gke.2700 with this release.

  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.25 to version1.25.10-gke.2700 with this release.

Stable channel

  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel: 1.23.17-gke.8400, 1.24.14-gke.1400, 1.25.10-gke.2100, 1.27.3-gke.1700
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.23 to version1.24.14-gke.2700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.24 to version1.25.10-gke.2700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.25 to version1.25.10-gke.2700 with this release.

Regular channel

  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel: 1.23.17-gke.10000, 1.24.14-gke.2700, 1.25.10-gke.2700, 1.26.5-gke.2700
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.23 to version1.24.15-gke.1700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.24 to version1.25.11-gke.1700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.25 to version1.26.6-gke.1700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.26.6-gke.1700 with this release.

Rapid channel

  • Version1.27.4-gke.900 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel: 1.23.17-gke.10000, 1.23.17-gke.10700, 1.24.16-gke.500, 1.25.11-gke.1700, 1.26.6-gke.1700, 1.27.3-gke.1700
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.17-gke.200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.25.12-gke.500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.26.7-gke.500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.27.4-gke.900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.4-gke.900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.28 to version1.28.1-gke.200 with this release.
Change

New APIs

  • Thekubectl auth whoami command and theauthentication.k8s.io/v1 SelfSubjectReview API enables checking the authenticated user information as seen by the server.
Change

1.28 is now available in the Rapid channel

Kubernetes 1.28 is now available in the Rapid channel. For more information about the content of Kubernetes 1.28, read theKubernetes 1.28 Release Notes.

Deprecated

Deprecated API versions

These APIs are still served in version 1.28 but are in a deprecation period:

  • The following Beta versions of graduated APIs will beremoved in 1.29 in favor of newer versions:
    • flowcontrol.apiserver.k8s.io/v1beta2 FlowSchema, PriorityLevelConfiguration
      • deprecated since 1.26
      • useflowcontrol.apiserver.k8s.io/v1beta3 instead, available since 1.26.
Deprecated

Deprecated in-tree volume support

  • The Ceph CephFS (kubernetes.io/cephfs) and RBD (kubernetes.io/rbd) volume plugins are deprecated in 1.28 and will be removed in a futurerelease.
  • To determine if you have volumes or Pods using RBD or Ceph volumes, run the following commands. If either of them print output, then you are using a deprecated volume type.
    • kubectl describe pv | egrep -i 'Type: *(RBD|CephFS)'
    • kubectl describe pod -A | egrep -i 'Type: *(RBD|CephFS)'
  • Switch to use an RBD or CephFS CSI driver, such as the drivers provided in theCeph CSI GitHub repo, or use a Google-managed solution such asFilestore. For more information, refer to theOSS Kubernetes announcement and theCeph CSI GitHub repo.
Change

It is not yet possible to enable Gateway API support in GKE 1.28 (Standard or Autopilot), this will be fixed in an upcoming patch release to GKE 1.28. Clusters that already have Gateway API enabled before upgrading to GKE 1.28 will continue to be supported. This will not affect existing Gateways.

Issue

The recently released version of GKE, version 1.28, has a known regression in behavior. After node restart, Pods that have started initialization before the restart will run Init containers in-parallel with regular containers instead of waiting for Init containers to complete.

Change

To deliver a better default price-performance for applications, all GKE Autopilot clusters with control plane version 1.27.5 and later will use an SSD-based persistent disk for ephemeral storage. This change will only affect newly created clusters and new node pools created in clusters upgraded to version 1.27.5 and later.

September 01, 2023

Change

Starting on September 1, 2023, a new automation policy is in effect where GKE automatically starts a credential rotation within 30 days of your cluster's certificate authority expiry date to ensure that your cluster doesn't have a complete outage. For example, if your cluster's CA expires on 2024-01-05, an automatic rotation starts on or after 2023-12-06. Automatic credential rotation is a critical update thatignores any configured maintenance windows.

This automatic rotation might cause API clients outside the cluster, such as kubectl in a local environment, to stop working unless you update those clients to use the new credentials.

You should plan for and perform credential rotations well in advance of your cluster CA expiring to ensure a smooth transition to new credentials and minimal workload disruptions. Don't rely on automatic rotation; it is intended to be a last resort to prevent complete outages. To learn more about the stages of credential rotation, seeRotate your cluster's credentials.

August 31, 2023

Issue

For GKE nodes running version 1.25 and later, when Image streaming is enabled, themv command andrenameat2 system call might fail on symlink files in container images with the error message "No such device or address". The issue is caused by a regression on recent Linux kernels. GKE does not currently have a fix for the issue. To learn more, seethe troubleshooting section for this issue.

August 30, 2023

Feature

Your clusters can now perform operations, such as node auto-provisioning or version upgrades, on multiple node pools in parallel. You no longer have to wait for an operation to complete before you initiate another operation. This feature is enabled for all GKE versions. This change provides you with benefits like the following:

  • More efficient scaling, which results in improved savings and faster workload deployment
  • Faster, less disruptive node pool upgrades
  • Fewer "operation already in progress" messages that could delay subsequent planned operations
  • More reliable rollback behavior to fix upgrade-related disruptions in production
  • Automatic control plane resize operations won't block other operations on the cluster

TheGoogle Cloud Platform Terraform provider has also been updated to take advantage of this change.

Feature

GKE now supports the ability to create nodes and workloads with multiple network interfaces. You can create new clusters with version 1.27 and later with multi networking enabled. The additional network interfaces on the Pods can be regular interfaces or high performance interfaces where the network interface is directly attached to the Pod. For more information, seeSetup multi-network support for Pods.

August 29, 2023

Feature

You can now create Cloud Tensor Processing Unit (TPU) nodes in GKE to run AI workloads, from training to inference models. GKE manages your cluster by automating TPU resource provisioning, scaling, scheduling, repairing, and upgrading. GKE provides TPU infrastructure metrics in Cloud Monitoring, TPU logs, and error reports for better visibility and monitoring of TPU node pools in GKE clusters.TPUs are available with GKE Standard clusters. GKE supports TPU v4 in version 1.26.1.gke-1500 and later, and supports TPU v5e in version 1.27.2-gke.1500 and later. To learn more, seeAbout TPUs in GKE.

Feature

You can now sequence the rollout of cluster upgrades across fleets or across scopes. To learn more, seeAbout cluster upgrades with rollout sequencing.

August 28, 2023

Fixed

Version 4.80.0 of the Terraform provider for Google Cloud fixes an issue observed when deploying new GKE Autopilot clusters that would destroy and re-create the cluster due to a change in thedns_config state. This version of the provider ensures that customers can deploy GKE Autopilot clusters using Cloud DNS as the default in-cluster DNS provider. For more information, seeTerraform plans to re-create Autopilot cluster due todns_config change.

August 25, 2023

Feature

GKE now delivers insights and recommendations to ensure your workloads are ready for disruption using features such as Pod Disruption Budgets. To learn more, seeEnsure stateful workloads are disruption-ready.

August 22, 2023

Feature

Theeurope-west10 region in Berlin, Germany is now available.

August 17, 2023

Feature

You can now easily identify clusters that use deprecated Kubernetes APIs removed in versions1.25,1.26, and1.27. Kubernetes deprecation insights are nowavailable for these versions.

August 16, 2023

Feature

GKE Infrastructure Dashboards and Metrics Packages are now available for both GKE Autopilot and Standard clusters with control plane version 1.27.2-gke.1200 and later. You can now configure Autopilot or Standard clusters to export a predefined list of metrics emitted by GKE managed KSM (kube-state-metrics) for workloads state and Persistent Storage. These metrics are collected by Google Cloud Managed Service for Prometheus and are sent to Cloud Monitoring. You can also view new dashboards (Persistent and Workloads state) rendering those metrics in the Observability tab. For more information, seeView observability metrics.

Feature

You can now troubleshoot issues withCPU limit utilization andMemory limit utilization of containers running in GKE by using the new "interactive playbook" dashboards in Cloud Monitoring.

August 10, 2023

Change

Public clusters upgraded to GKE versions 1.24 and later will eventually be migrated to use Private Service Connect (PSC) for private control plane communication. After the control plane has been reconfigured, GKE schedules an update for your cluster's nodes to use the new private IP address to communicate with control plane. Each node pool is marked for recreation. You can usemaintenance windows to control when your nodes are recreated. There is no price increase for using GKE public clusters running on PSC. For more information, seePublic clusters with Private Service Connect.

August 09, 2023

Fixed

CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, and CVE-2023-2650 have been patched in Filestore CSI driver in GKE versions 1.23 and 1.24, for newly created clusters.

Feature

The Filestore CSI driver now supports smaller share sizes (10Gi) for Filestore multishares for GKE for enterprise instances starting in version 1.27.

August 08, 2023

Change

(2023-R17) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.27.3-gke.100 is now the default version.
  • The following control plane and node versions are now available:
  • The following control plane versions are no longer available:
    • 1.22.17-gke.12700
    • 1.22.17-gke.14100
    • 1.23.17-gke.7700
    • 1.24.14-gke.1200
    • 1.25.10-gke.1200
    • 1.25.10-gke.1400
    • 1.26.5-gke.1200
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.22 to version1.23.17-gke.8400 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.23 to version1.24.14-gke.1400 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.24 to version1.25.10-gke.2100 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.25 to version1.25.10-gke.2100 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version1.26.5-gke.2100 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.27 to version1.27.3-gke.100 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.27.3-gke.100 is now the default version in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.22.17-gke.12700
    • 1.23.17-gke.7700
    • 1.24.14-gke.1200
    • 1.25.10-gke.1200
    • 1.26.5-gke.1400
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.22 to version1.23.17-gke.8400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.23 to version1.24.14-gke.1400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.24 to version1.25.10-gke.2100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.25 to version1.25.10-gke.2100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.26.5-gke.2100 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.27.3-gke.100 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.22.17-gke.14100
    • 1.23.17-gke.8400
    • 1.24.14-gke.1400
    • 1.25.10-gke.1400
    • 1.26.5-gke.1400
    • 1.27.2-gke.1200
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.23.17-gke.10000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.23 to version1.24.14-gke.2700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.24 to version1.25.10-gke.2700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.25 to version1.26.5-gke.2700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.26.5-gke.2700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.3-gke.100 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.27.3-gke.1700 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.22.17-gke.14100
    • 1.23.17-gke.8400
    • 1.24.15-gke.1700
    • 1.25.10-gke.2700
    • 1.26.5-gke.2700
    • 1.27.3-gke.100
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.17-gke.10000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.16-gke.500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.25.11-gke.1700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.26.6-gke.1700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.27.3-gke.1700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.3-gke.1700 with this release.

August 04, 2023

Change

GKE Autopilot supports the creation of certificate signing request (CSR) objects on new clusters with version 1.27 or later, as long as those CSRs do not conflict with system components identities, and Google-managed IAM service accounts. This feature will be enabled for existing 1.27 clusters within the next few weeks.

August 02, 2023

Feature

You can now run workloads on A100 80GB GPUs inAutopilot clusters that use GKE version 1.27 and later.

July 26, 2023

Change

(2023-R16) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.27.2-gke.1200 is now the default version.
  • The following control plane and node versions are now available:
  • The following control plane versions are no longer available:
    • 1.21.14-gke.18800
    • 1.23.17-gke.6800
    • 1.23.17-gke.7000
    • 1.24.13-gke.2500
    • 1.25.8-gke.1000
    • 1.25.9-gke.2300
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.22 to version1.23.17-gke.7700 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.23 to version1.24.14-gke.1200 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.24 to version1.25.10-gke.1200 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.25 to version1.25.10-gke.1200 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.26 to version1.26.5-gke.1400 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.26.5-gke.1400 is now the default version in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.21.14-gke.18800
    • 1.23.17-gke.6800
    • 1.24.13-gke.2500
    • 1.25.9-gke.2300
    • 1.26.5-gke.1200
    • 1.27.2-gke.1200
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.22 to version1.23.17-gke.7700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.23 to version1.24.14-gke.1200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.24 to version1.25.10-gke.1200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.25 to version1.25.10-gke.1200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.26 to version1.26.5-gke.1400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.3-gke.100 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.27.2-gke.1200 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.21.14-gke.18800
    • 1.22.17-gke.12700
    • 1.23.17-gke.7000
    • 1.24.14-gke.1200
    • 1.25.10-gke.1200
    • 1.26.5-gke.1200
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to version1.22.17-gke.14100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.23.17-gke.8400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.23 to version1.24.14-gke.1400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.24 to version1.25.10-gke.1400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.25 to version1.26.5-gke.1400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.26.5-gke.1400 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.27.3-gke.100 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.21.14-gke.18800
    • 1.23.17-gke.7700
    • 1.24.14-gke.2700
    • 1.25.10-gke.2100
    • 1.26.5-gke.2100
    • 1.27.2-gke.2100
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.17-gke.8400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.15-gke.1700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.25.10-gke.2700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.26.5-gke.2700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.26.5-gke.2700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.3-gke.100 with this release.

July 25, 2023

Feature

Kubernetes control plane logs andKubernetes control plane metrics are now available for GKE Autopilot clusters with control plane version 1.22.0 and later and 1.22.13 and later, respectively. You can now configure Autopilot cluster to export logs and certain metrics emitted by the Kubernetes API server, scheduler, and controller manager to Cloud Logging and Cloud Monitoring.

July 24, 2023

Change

In new Autopilot clusters running GKE version 1.27 and later, GKE assigns IP addresses for GKE Services from a Google-managed range:34.118.224.0/20 by default. With this feature, you don't need to specify your own IP address range for Services. For more information, seeSubnet secondary IP address range for Services.

Feature

GKE Autopilot supports extended duration Pods from 1.27 or later with thecluster-autoscaler.kubernetes.io/safe-to-evict=false annotation. To learn more, seehow to extend the run time of Autopilot Pods.

July 21, 2023

Issue

Update to the Issue release note published on July 19, 2023

We investigated this issue and are rolling back the--no-enable-insecure-kubelet-readonly-port flag in the gcloud CLI. New or existing clusters where the port is still enabled aren't affected. If you already disabled the port, your cluster will continue to work, but you may notice inconsistency in whether the port is fully disabled on every node of the cluster. We'll publish a release note if we have new updates related to the kubelet read-only port.

July 20, 2023

Fixed

In GKE version 1.25 and later, there is a bug fix in the Ingress Controller to unset the Cloud Armor Ingress Security Policy when removed from the BackendConfig.

Users who have manually attached the Security Policy to a backend service should no longer use this method and should use theBackendConfig to continue using Cloud Armor Security Policies prior to cluster upgrades to GKE version 1.25 and later.

With this fix, the Ingress Controller will reconcile using the configuration in the BackendConfig, thus unsetting any Security Policies added manually to a backend service.

July 19, 2023

Issue

There's a known issue causing the gcloud CLI to crash when you run the command to disable the insecure kubelet read-only port, as described inStop using the insecure kubelet read-only port in GKE clusters. We're investigating this issue and will publish an update when it's fixed.

Change

Starting in GKE version 1.27 and gke-metrics-agent version 2.0.0, the memory request and limit ofgke-metrics-agent will increase by an extra 60MiB. This change makes the system metrics collection more stable and reliable.

July 14, 2023

Fixed

New Autopilot clusters created with version1.27.3-gke.100 or later are now provisioned withe2-small default nodes, which are removed immediately after cluster creation. With this change, DaemonSets are guaranteed to schedule on all candidate nodes, as long as you followbest practices for DaemonSets on Autopilot.

July 13, 2023

Feature

The managedCloud Storage FUSE CSI driver for GKE is now GA in versions 1.26.5 and later. You can use this driver to consume Cloud Storage buckets for GKE workloads.

July 12, 2023

Change

Revision for the release note announced on June 26, 2023

Starting August 2023, Cloud DNS will become the default DNS provider for new GKE Autopilot clusters created with version 1.25.9-gke.400 or later, or version 1.26.4-gke.500 or later (effectively replacing kube-dns). The rollout will be gradual and expected to be completed by August 11, 2023. To learn more, seeCloud DNS for GKE.

Feature

In GKE version 1.24 and later, new beta APIs are, by default, disabled in new clusters. Starting in version 1.27, which is the first new minor version since 1.24 where new beta APIs are introduced, you can enable new APIs on cluster creation or for an existing cluster.

For more information, see how toUse Kubernetes beta APIs with GKE clusters.

Feature

GKE Dataplane V2 observability is now available in Public Preview starting in GKE versions 1.26.4-gke.500 or later, or 1.27.1-gke.400 or later. You can now enable Dataplane V2 metrics and observability tools on your cluster. Dataplane V2 metrics are included in new Autopilot clusters and opt-in for new Standard clusters. You can opt-in to enable Dataplane V2 observability tools for Autopilot and Standard clusters. Existing clusters can also be updated to enable metrics and observability tooling.

For more information, check outGKE Dataplane V2 observability.

July 11, 2023

Feature

You can now troubleshoot common GKE issues by using the new "interactive playbook" dashboards in Cloud Monitoring:unschedulable pods andcrashlooping containers. You can also access the interactive playbooks from GKE UI insights and set alerts that will allow you to know once those issues occurs.

For information about using these dashboards, see the GKE troubleshooting documentation forunschedulable pods andcrashlooping.

Feature

Starting in GKE version 1.27, cluster autoscaler always considers Compute Engine Reservations when making the scale-up decisions. The node pools with matching unused reservations are prioritized when choosing the node pool to scale up, even when the node pool is not the most efficient one. Additionally, unused reservations are always prioritized when balancing multi-zonal scale-ups.

For more information, see how touse cluster autoscaler.

July 10, 2023

Feature

The new release of the GKE Gateway controller (2023-R2) is now generally available. With this release, the GKE Gateway controller will provide the following new capabilities:

  • New GatewayClasses supporting the regional external Application Load Balancer
  • Identity-aware Proxy (IAP) Integration
  • Custom request and response headers
  • URL Rewrites and Path Redirects

To learn more, see thesupported capabilities per GatewayClass.

July 07, 2023

Change

(2023-R15) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.26.5-gke.1200 is now the default version in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.23.17-gke.5600
    • 1.24.12-gke.1000
    • 1.25.8-gke.1000
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.22 to version1.23.17-gke.6800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.23 to version1.24.13-gke.2500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.24 to version1.25.9-gke.2300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.25 to version1.25.9-gke.2300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.27 to version1.27.2-gke.1200 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.27.2-gke.2100 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.22.17-gke.12700
    • 1.23.17-gke.7000
    • 1.24.14-gke.2100
    • 1.25.10-gke.1400
    • 1.26.5-gke.1400
    • 1.27.2-gke.1200
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.17-gke.14100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.17-gke.7700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.14-gke.2700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.25.10-gke.2100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.26.5-gke.2100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.26.5-gke.2100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.2-gke.2100 with this release.

June 28, 2023

Change

FQDN Network Policy, currently in Public Preview, can now be enabled on GKE Autopilot clusters, by updating your clusters. To lean more, seeControl Pod egress traffic using FQDN network policies.

June 27, 2023

Security

With CVE-2023-31436, an out-of-bounds memory access flaw was found in the Linux kernel's traffic control (QoS) subsystem in how a user triggers the qfq_change_class function with an incorrect MTU value of the network device used as lmax. This flaw allows a local user to crash or potentially escalate their privileges on the system.

For more information, see theGCP-2023-017 security bulletin.

Change

(2023-R14) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.26.5-gke.1200 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.22.17-gke.11400
    • 1.23.17-gke.5600
    • 1.24.12-gke.1000
    • 1.25.8-gke.1000
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to version1.22.17-gke.12700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.23.17-gke.6800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.23 to version1.24.13-gke.2500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.24 to version1.25.9-gke.2300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.25 to version1.26.5-gke.1200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.26.5-gke.1200 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
Security

A new vulnerability (CVE-2023-2235) has been discovered in the Linux kernel that can lead to a privilege escalation on the node. For more information, see theGCP-2023-018 security bulletin.

June 26, 2023

Change

Starting June 26, 2023,Cloud DNS becomes the default DNS provider for new GKE Autopilot clusters created with version 1.25.9-gke.400 or later or version 1.26.4-gke.500 or later, effectively replacing kube-dns. To learn more, seeCloud DNS for GKE.

Feature

Managed Service for Prometheus is enabled by default in new GKE Standard clusters running version 1.27 and later. Existing clusters that upgrade to 1.27 will not automatically enable this feature. For more information, seeEnable managed collection: GKE.

June 23, 2023

Feature

Automatic GPU driver installation is available in version 1.27.2-gke.1200 and later, which enables you to install NVIDIA GPU drivers on nodes without manually applying a DaemonSet.

For instructions, seeRunning GPUs.

June 22, 2023

Feature

GKE Autopilot now supports the ability to deploy your own service mesh. Many service meshes, such as Istio or LinkerD, require CAP_NET_ADMIN Linux capability to function, which is disabled on Autopilot clusters by default to reduce the size of the security attack surface. You can now optionally enable NET_ADMIN on your Autopilot clusters if you need this capability for your service meshes or other opt-in use cases. SeeAutopilot Security for more information for how to enable NET_ADMIN.

June 21, 2023

Security

A new vulnerability, CVE-2023-0468, has been discovered in the Linux kernel that could allow an unprivileged user to escalate privileges to root when io_poll_get_ownership will keep increasing req->poll_refs on every io_poll_wake then overflow to 0 which will fput req->file twice and cause a struct file refcount issue. GKE clusters, including Autopilot clusters, with Container-Optimized OS using Linux Kernel version 5.15 are affected. GKE clusters using Ubuntu images or using GKE Sandbox are unaffected.

For instructions and more details, see theGKE security bulletin.

Feature

GKE support forHyperdisk Throughput and Hyperdisk Extreme as an attached persistent disk option is now generally available. Support is available for both Autopilot and Standard clusters running GKE versions 1.26 and later.

June 16, 2023

Security

Two new security issues were discovered in Kubernetes where users may be able to launch containers that bypass policy restrictions when using ephemeral containers and either ImagePolicyWebhook (CVE-2023-2727) or the ServiceAccount admission plugin (CVE-2023-2728).

For more information, see theGCP-2023-014 security bulletin.

June 15, 2023

Change

(2023-R13) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.25.8-gke.1000 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.22.17-gke.8000
    • 1.23.17-gke.2000
    • 1.25.8-gke.500
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to version1.22.17-gke.11400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.23.17-gke.5600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.23 to version1.23.17-gke.5600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.24 to version1.25.8-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.25 to version1.25.8-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.27 to version1.27.2-gke.1200 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.27.2-gke.1200 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.22.17-gke.11400
    • 1.23.17-gke.5600
    • 1.24.14-gke.1200
    • 1.25.9-gke.2300
    • 1.26.3-gke.1000
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.17-gke.12700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.17-gke.6800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.14-gke.1400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.25.10-gke.1200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.26.5-gke.1200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.26.5-gke.1200 with this release.

June 14, 2023

Feature

Clusters with low or no utilization can be identified byIdle Cluster insights.

June 12, 2023

Feature

Dual-stack LoadBalancer Services are now available in Preview. Dual-stack LoadBalancer Services are supported on both GKE Standard and Autopilot dual-stack clusters. To learn more, seeSingle-stack and dual-stack Services.

Feature

You can now usedeprecation insights to identify clusters on versions 1.21 to 1.24 that use Pod Security Policy, which is unsupported on GKE version 1.25 and later.

June 09, 2023

Feature

New Autopilot clusters that run GKE version 1.25.5-gke.1000 and later automatically useImage streaming to pull eligible images.

Feature

In addition to the existing egress network policy GKE already supports, you can now control the egress traffic of your Pods by using a network policy that matches a fully-qualified domain name or a regular expression. FQDN Network Policy is now available in Preview for clusters in version 1.26.4-gke.500 and later, and 1.27.1-gke.400 and later. For more information, seeControl Pod egress traffic using FQDN network policies.

June 08, 2023

Change

The PD CSI Driver will be automatically enabled on upgrades to 1.25, for clusters with the add-on disabled. There are no cost implications for enabling the driver, and it requests only a small amount of node resources. This upgrade enablesgce-pd volumes to continue working on Kubernetes clusters version 1.25 and later. You can still disable the driver manually after upgrade. For more details, seeConfiguring add-ons.

June 07, 2023

Change

(2023-R12) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.25.8-gke.1000 is now the default version in the Stable channel.
  • Version 1.21.14-gke.18100 is no longer available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.20 to version1.21.14-gke.18800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to version1.21.14-gke.18800 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • Version1.24.13-gke.2500 is now available in the Regular channel.
  • Version 1.24.12-gke.500 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.23 to version1.24.12-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.24 to version1.24.12-gke.1000 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts arealready in progress when we publish the release notes, and can take multipledays to complete across all Google Cloud zones.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.22.17-gke.8000
    • 1.23.17-gke.2000
    • 1.23.17-gke.3600
    • 1.24.13-gke.2500
    • 1.25.8-gke.1000
    • 1.26.4-gke.500
    • 1.26.4-gke.1400
    • 1.27.1-gke.400
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.17-gke.11400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.17-gke.5600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.14-gke.1200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.25.9-gke.2300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.25.9-gke.2300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.2-gke.1200 with this release.

June 06, 2023

Security

A new vulnerability (CVE-2023-2878) has been discovered in the secrets-store-csi-driver where an actor with access to the driver logs could observe service account tokens. These tokens could then potentially be exchanged with external cloud providers to access secrets stored in cloud vault solutions. On GKE, the severity is None. For more information, see theGCP-2023-009 security bulletin.

Security

A new vulnerability (CVE-2023-1872) has been discovered in the Linux kernel that can lead to a privilege escalation to root on the node. For more information, see theGCP-2023-008.

June 05, 2023

Change

(2023-R11) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.12-gke.500 is now the default version in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.22.17-gke.7500
    • 1.23.17-gke.1700
    • 1.24.10-gke.2300
    • 1.25.8-gke.500
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to version1.22.17-gke.8000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.22 to version1.23.17-gke.2000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.23 to version1.24.12-gke.500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.24 to version1.24.12-gke.500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.25 to version1.25.8-gke.1000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

June 01, 2023

Feature

Agones on GKE users will getrecommendations and insights if they did not install the Agones controller on dedicated nodes.

May 26, 2023

Feature

TheObservability tab for each of your GKE clusters now includes metrics for ephemeral storage. For more information, seeView observability metrics.

May 25, 2023

Fixed

CVE-2022-4450, CVE-2022-2097, CVE-2023-0286, CVE-2023-0215, and CVE-2022-4304 have been patched in all minor versions for all existing and new clusters using theCompute Engine persistent disk CSI driver.

Change

For VPC peering-based private clusters running version 1.27 or later, traffic from kube-apiserver to nodes routes throughthe Konnectivity service. If your cluster was created before 2020-09-17, this traffic from does not route through Konnectivity unless you haverotated the control plane IP address after 2020-09-17.

May 23, 2023

Fixed

CVE-2023-26604 has been fixed in clusters running version 1.25 using theFilestore CSI driver. The fix is transparent, but to mitigate instability, it is available bymanually upgrading the cluster to the newest 1.25 patch version. The CVE is not present in clusters running version 1.26 or later.

May 22, 2023

Feature

The C3 machine family is generally available for GKE Standard clusters running on version 1.22 and later. You can select this family by using the--machine-type flag when creating a cluster or node pool.

The following features are not supported for this machine family:

  • Node auto-provisioning.
  • Confidential GKE nodes.
  • Local SSD.
  • Standard persistent disks (pd-standard).

For more information, refer to theC3 machine series documentation.

May 18, 2023

Security

Two new vulnerabilities (CVE-2023-1281, CVE-2023-1829) have been discovered in the Linux kernel that can lead to a privilege escalation to root on the node. GKE Standard clusters are affected. For more information, see theGCP-2023-005 security bulletin.

May 16, 2023

Deprecated

Deprecated API versions

These APIs are still served in version 1.27 but are in a deprecation period:

  • The following Beta versions of graduated APIs will beremoved in 1.29 in favor of newer versions:

    • flowcontrol.apiserver.k8s.io/v1beta2 FlowSchema, PriorityLevelConfiguration

      • deprecated since 1.26
      • use flowcontrol.apiserver.k8s.io/v1beta3 instead, available since 1.26
Change

Removed API versions

The following Beta versions of graduated APIs will beremoved in 1.27 in favor of newer versions:

  • storage.k8s.io/v1beta1 CSIStorageCapacity

    • deprecated since 1.24
    • use storage.k8s.io/v1 instead, available since 1.24
Change

1.27 is now available in the Rapid channel

Kubernetes 1.27 is now available in the Rapid channel. For more information about the content of Kubernetes 1.27, read theKubernetes 1.27 Release Notes.

May 12, 2023

Feature

The g2-standard machine family with NVIDIA L4 is generally available for node pools in clusters running GKE version 1.22 and later. To select the machine family, use the--machine-type flag in your create command.

May 09, 2023

Change

(2023-R10) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.25.8-gke.500 is now the default version.
  • The following control plane versions are now available:
  • The following versions are no longer available:
    • 1.21.14-gke.8500
    • 1.21.14-gke.15800
    • 1.22.17-gke.5400
    • 1.22.17-gke.6100
    • 1.23.16-gke.1400
    • 1.23.16-gke.2500
    • 1.23.17-gke.300
    • 1.24.9-gke.3200
    • 1.24.10-gke.1200
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.20 to version1.21.14-gke.18100 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.21 to version1.22.17-gke.7500 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.22 to version1.23.17-gke.1700 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.23 to version1.24.11-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.24 to version1.24.11-gke.1000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.11-gke.1000 is now the default version in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.21.14-gke.15800
    • 1.22.17-gke.5400
    • 1.23.16-gke.1400
    • 1.24.9-gke.3200
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.20 to version1.21.14-gke.18100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to version1.22.17-gke.7500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.22 to version1.23.17-gke.1700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.23 to version1.24.11-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.24 to version1.24.11-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.25 to version1.25.8-gke.500 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.25.8-gke.500 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.22.17-gke.6100
    • 1.23.17-gke.300
    • 1.24.10-gke.2300
    • 1.25.7-gke.1000
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to version1.22.17-gke.7500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.23.17-gke.1700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.23 to version1.24.11-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.24 to version1.25.8-gke.500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.25 to version1.25.8-gke.500 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.26.3-gke.1000 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.22.17-gke.7500
    • 1.23.17-gke.300
    • 1.24.12-gke.1000
    • 1.25.8-gke.500
    • 1.26.3-gke.400
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.17-gke.8000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.17-gke.1700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.13-gke.500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.25.8-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.25.8-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.26.3-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.27 to version1.27.1-gke.400 with this release.
Feature

Now in GA for both GKE Standard and Autopilot clusters with GKE version 1.26 and later, you can add more IPv4 secondary Pod ranges to a new or existing cluster with the--additional-pod-ipv4-ranges flag. To learn more, seeAdding Pod IP addresses.

May 03, 2023

Change

In GKE version 1.26, for VPC peering-based private clusters that were created after 2020-08,the Konnectivity service will be initialized but not used. Traffic from kube-apiserver to nodes continues to route directly.

May 02, 2023

Change

We're working on automatically enabling the PD CSI Driver on upgrades to 1.25, for clusters with the add-on disabled. There are no cost implications for enabling the driver, and it requests only a small amount of node resources. This upgrade enablesgce-pd volumes to continue working on Kubernetes clusters version 1.25 and greater. You can still disable the driver manually after upgrade. For more details, please readhere.

Feature

The managedCloud Storage FUSE CSI driver for GKE is now available in Preview in GKE versions 1.26.3 and later. You can use this driver to consume Cloud Storage buckets for GKE workloads.

April 19, 2023

Change

(2023-R09) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.11-gke.1000 is now available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.23 to version1.24.10-gke.2300 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.25.7-gke.1000 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • Version 1.23.16-gke.2500 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.23.17-gke.300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.23 to version1.23.17-gke.300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.26 to version1.26.2-gke.1000 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.26.3-gke.400 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.22.17-gke.6100
    • 1.23.16-gke.2500
    • 1.24.12-gke.500
    • 1.25.7-gke.1000
    • 1.26.2-gke.1000
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.17-gke.7500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.17-gke.300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.12-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.25.8-gke.500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.25.8-gke.500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.26.3-gke.400 with this release.

April 11, 2023

Security

Two new vulnerabilities, CVE-2023-0240 and CVE-2023-23586, have been discovered in the Linux kernel that could allow an unprivileged user to escalate privileges. For more information, see theGCP-2023-003 security bulletin.

Change

In GKE 1.27 and later, GKE nodes will not keep compressed image layers in containerd's content store once they have been unpacked, by settingdiscard_unpacked_layers=true in containerd configuration. This change will not impact workloads running as Kubernetes Pods and Containers. However, if your workload relies on the image layers in containerd's content store, please make sure your workload can handle the case where image layers are missing.

March 31, 2023

Change

(2023-R08) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • The following versions are now available in the Regular channel:
  • Version1.24.10-gke.2300 is now the default version in the Regular channel.
  • The following versions are no longer available in the Regular channel:
    • 1.21.14-gke.18100
    • 1.22.17-gke.5400
    • 1.24.9-gke.3200
    • 1.25.6-gke.1000
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.20 to1.21.14-gke.18800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.21 to1.22.17-gke.6100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.22 to1.23.16-gke.2500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.23 to1.24.10-gke.2300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.24 to1.24.10-gke.2300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.25 to1.25.7-gke.1000 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

March 30, 2023

Feature

Theme-central1 region in Doha, Qatar is now available.

March 29, 2023

Feature

Starting from GKE 1.26,cluster autoscaler can drain Pods from multiple nodes in parallel. The removal criteria are not changing, so the end state after scale down is going to be the same, but it will be achieved faster.

March 23, 2023

Feature

Theeurope-west12 region in Turin, Italy is now available.

March 22, 2023

Change

(2023-R07) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

March 21, 2023

Announcement

Starting on March 21, 2023, traffic to k8s.gcr.io will be redirected to registry.k8s.io, following thecommunity announcement. This change will happen gradually to reduce disruption, and should be transparent to the majority of GKE clusters.

To check for edge cases, and mitigate a potential impact, follow the step-by-step guidance ink8s.gcr.io Redirect to registry.k8s.io - What You Need to Know.

March 07, 2023

Feature

Backend Service-based external Network load balancers are now generally available with GKE. Regional Backend Service is a foundational element of a Google Cloud Load Balancer and using it for your external LoadBalancer Services will unlock new capabilities going forward. To learn more, seehow to deploy a backend service-based external network load balancer.

March 03, 2023

Change

(2023-R06) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.9-gke.3200 is now the default version in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.21.14-gke.14100
    • 1.23.14-gke.1800
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.20 to version1.21.14-gke.14600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to version1.21.14-gke.14600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.22 to version1.23.16-gke.1100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.23 to version1.23.16-gke.1100 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.26.1-gke.1500 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.21.14-gke.15800
    • 1.22.17-gke.4000
    • 1.23.16-gke.1100
    • 1.24.10-gke.1200
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to version1.21.14-gke.18100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.17-gke.4300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.16-gke.1400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.10-gke.2300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.24.10-gke.2300 with this release.

March 01, 2023

Security

A new vulnerability (CVE-2022-4696) has been discovered in the Linux kernel that can lead to a privilege escalation on the node. GKE clusters, including Autopilot clusters, are impacted. GKE clusters using GKE Sandbox are not affected. For instructions and more details, see theGKE security bulletin.

February 22, 2023

Change

(2023-R05) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.9-gke.3200 is now the default version.
  • The following control plane and node versions are now available:
  • The following control plane versions are no longer available:
    • 1.21.14-gke.7100
    • 1.22.15-gke.1000
    • 1.22.15-gke.2500
    • 1.22.16-gke.1300
    • 1.22.16-gke.2000
    • 1.25.5-gke.2000
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.20 to version1.21.14-gke.14100 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.21 to version1.22.17-gke.3100 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.22 to version1.22.17-gke.3100 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.25 to version1.25.6-gke.200 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.9-gke.3200 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.21.14-gke.14600
    • 1.22.16-gke.2000
    • 1.23.14-gke.1800
    • 1.24.9-gke.2000
    • 1.25.5-gke.2000
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.20 to version1.21.14-gke.15800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to version1.22.17-gke.3100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.23.16-gke.200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.23 to version1.24.9-gke.3200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.24 to version1.24.9-gke.3200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.25 to version1.25.6-gke.200 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.25.6-gke.1000 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.22.17-gke.3100
    • 1.23.16-gke.200
    • 1.24.9-gke.3200
    • 1.26.1-gke.200
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.17-gke.4000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.16-gke.1100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.10-gke.1200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.25.6-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.25.6-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.26.1-gke.1500 with this release.

February 17, 2023

Feature

In Standard clusters with GKE version 1.26 and later, you can now audit workloads to validate if they are compatible with Autopilot clusters. Usekubectl get audit to see the cluster objects.

February 10, 2023

Change

(2023-R04) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.9-gke.2000 is now the default version.
  • The following control plane and node versions are now available:
  • The following control plane versions are no longer available:
    • 1.21.14-gke.5300
    • 1.22.17-gke.1400
    • 1.22.17-gke.1900
    • 1.24.7-gke.900
    • 1.24.8-gke.401
    • 1.25.5-gke.1500
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.20 to version1.21.14-gke.7100 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.21 to version1.21.14-gke.7100 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.22 to version1.23.14-gke.1800 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.24 to version1.24.8-gke.2000 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.25 to version1.25.5-gke.2000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.14-gke.14600 is now available in the Stable channel.
  • The following versions are no longer available in the Stable channel:
    • 1.21.14-gke.5300
    • 1.21.14-gke.7100
    • 1.21.14-gke.8500
    • 1.22.15-gke.2500
    • 1.23.13-gke.900
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.20 to version1.21.14-gke.14100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to version1.22.16-gke.2000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.22 to version1.23.14-gke.1800 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.9-gke.2000 is now the default version in the Regular channel.
  • The following versions are no longer available in the Regular channel:
    • 1.21.14-gke.7100
    • 1.21.14-gke.8500
    • 1.22.15-gke.1000
    • 1.22.15-gke.2500
    • 1.22.16-gke.1300
    • 1.23.14-gke.401
    • 1.24.8-gke.2000
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.20 to version1.21.14-gke.14600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to version1.22.16-gke.2000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.23.14-gke.1800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.24 to version1.24.9-gke.2000 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.25.6-gke.200 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.22.16-gke.2000
    • 1.22.17-gke.1400
    • 1.22.17-gke.1900
    • 1.23.15-gke.1400
    • 1.23.15-gke.1900
    • 1.24.8-gke.2000
    • 1.24.9-gke.1500
    • 1.24.9-gke.2000
    • 1.25.5-gke.2000
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.17-gke.3100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.16-gke.200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.9-gke.3200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.24.9-gke.3200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.25.6-gke.200 with this release.

February 07, 2023

Announcement

For clusters running on GKE version1.21—which reachesend of life on January 31, 2023—youcan apply a one-timemaintenance exclusion to prevent the cluster from being upgraded until April 30, 2023.For more information, see the note atWhen does GKE resume automatic upgrades?

February 03, 2023

Fixed

ThePOD_FINDER_IP_MISMATCH errors that caused Pods to fail to access Google Cloud APIs are fixed in the following GKE versions in the Rapid release channel:

  • 1.22.17-gke.3100 or later
  • 1.23.16-gke.200 or later
  • 1.24.9-gke.3200 or later
  • 1.25.6-gke.200 or later
  • 1.26.1-gke.400 or later

To fix the issue, upgrade your nodes to any of these versions.

February 02, 2023

Change

(2023-R03) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.21.14-gke.5300
    • 1.24.7-gke.900
    • 1.25.4-gke.2100
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.20 to version1.21.14-gke.7100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to version1.22.15-gke.2500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.23.14-gke.1800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.23 to version1.23.14-gke.1800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.25 to version1.25.5-gke.2000 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.25.5-gke.2000 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.21.14-gke.14600
    • 1.22.16-gke.1300
    • 1.23.14-gke.1800
    • 1.24.8-gke.401
    • 1.25.5-gke.1500
    • 1.26.0-gke.2000
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to version1.21.14-gke.15800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.16-gke.2000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.15-gke.1400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.8-gke.2000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.24.8-gke.2000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.25.5-gke.2000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.26.1-gke.200 with this release.

January 27, 2023

Issue

If containerd restarts on a node that has existing running Pods that use Workload Identity, those specific Pods might fail to access Google Cloud APIs and might return POD_FINDER_IP_MISMATCH errors. This affects nodes with the following GKE versions:

  • 1.22.16-gke.2100 and later
  • 1.23.14-gke.1900 and later
  • 1.24.7-gke.700 and later
  • 1.25.0 and later
  • 1.26.0 and later

This issue will be fixed in a future release

Feature

Starting from GKE control plane versions 1.26.0-gke.2200, 1.25.5-gke.2200, 1.24.9-gke.2200 or later, SingleStack IPv6 and DualStack (IPv4/IPv6) services, stub domains, and upstream nameservers are supported withCloud DNS for GKE.

Fixed

A known issue with kube-dns receiving a DNS response from an upstream DNS resolver with a large TTL has been fixed. For more information, seeLarge TTL from DNS upstream servers

Change

Public zonal clusters upgraded to GKE versions 1.24 and later will eventually be migrated to use Private Service Connect (PSC) for private control plane communication. There is no price increase for using GKE public clusters running on PSC.

January 26, 2023

Feature

The Balancedcompute class is now generally available in Autopilot clusters running GKE version 1.25 and later.

Feature

You can now specify a minimum CPU platform in the Balanced compute class in Autopilot clusters running GKE version 1.25 and later if your workloads have specialized CPU requirements such as a high base frequency or optimized power management functionality. For instructions, refer toChoose a minimum CPU platform.

January 24, 2023

Feature

You can now exposerandomly assigned host ports in Pods on GKE Autopilot running version 1.24.7-gke.1200 and later or 1.25.3-gke.1100 and later.

January 17, 2023

Feature

You can now attachephemeral and block devices backed by Local NVMe SSDs during GKE node pool creation, using the Ephemeral Storage Local SSD API and the Local NVMe SSD Block API respectively, with node version 1.25.3-gke.1800 or later.

January 13, 2023

Change

(2023-R02) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.23.14-gke.1800 is now the default version in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.23 to version1.23.14-gke.1800 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.8-gke.2000 is now the default version in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.23.14-gke.401 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.24 to version1.24.8-gke.2000 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.25.5-gke.1500 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.21.14-gke.14100
    • 1.22.15-gke.2500
    • 1.23.14-gke.401
    • 1.24.7-gke.900
    • 1.25.4-gke.2100
    • 1.26.0-gke.1500
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to version1.21.14-gke.14600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.16-gke.1300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.14-gke.1800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.8-gke.401 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.24.8-gke.401 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.25.5-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.26.0-gke.2000 with this release.

January 12, 2023

Security

Two new vulnerabilities (CVE-2022-3786 and CVE-2022-3602) have been discovered in OpenSSL v3.0.6 that can potentially cause a crash. While this has been rated a High in the NVD database, GKE endpoints use boringSSL or an older version of OpenSSL that is not affected, so the rating has been reduced to a Medium for GKE. For more information, refer to theGCP-2022-026 security bulletin.

January 09, 2023

Feature

Windows Server 2022 OS image is generally available on GKE. You can now createWindows Node pools with Windows Server 2022 OS images using the command line.For more information, seeCreating a cluster using Windows Server node pools.

Change

The release notes for1.26 available in the Rapid channel were modified with an additional notable change:

January 05, 2023

Change

2023-01-09 update: Added an additional Notable change to 1.26 for this release note.

Change

(2023-R01) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.25.4-gke.2100 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.21.14-gke.8500
    • 1.22.15-gke.1000
    • 1.23.13-gke.900
    • 1.24.6-gke.1500
    • 1.25.4-gke.1600
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to version1.21.14-gke.14100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.15-gke.2500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.14-gke.401 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.7-gke.900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.24.7-gke.900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.25.4-gke.2100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.26 to version1.26.0-gke.1500 with this release.
Change

Notable changes

Change

1.26 is now available in the Rapid channel

Kubernetes 1.26 is now available in the Rapid channel. Before upgrading, read theKubernetes 1.26 Release Notes, especially the action required and deprecation sections.

Deprecated

Deprecated API versions

These APIs are still served in version 1.26 but are in a deprecation period:

  • The following Beta versions of graduated APIs will be removed in 1.27 in favor of newer versions:
    • storage.k8s.io/v1beta1 CSIStorageCapacity
    • deprecated since 1.24
    • use storage.k8s.io/v1 instead, available since 1.24
  • The following Beta versions of graduated APIs will be removed in 1.29 in favor of newer versions:
    • flowcontrol.apiserver.k8s.io/v1beta2 FlowSchema, PriorityLevelConfiguration
    • deprecated since 1.26
    • use flowcontrol.apiserver.k8s.io/v1beta3 instead, available since 1.26
Change

New API versions

  • flowcontrol.apiserver.k8s.io/v1beta3 FlowSchema, PriorityLevelConfiguration
    • The PriorityLevelConfigurationspec.limited.assuredConcurrencyShares field is renamed tospec.limited.nominalConcurrencyShares
Deprecated

Removed API versions

The following Beta versions of graduated APIs will beremoved in 1.26 in favor of newer versions:

  • flowcontrol.apiserver.k8s.io/v1beta1 FlowSchema, PriorityLevelConfiguration
    • deprecated since 1.23
    • use flowcontrol.apiserver.k8s.io/v1beta2 instead, available since 1.23
  • autoscaling/v2beta2 HorizontalPodAutoscaler
    • deprecated since 1.23
    • use autoscaling/v2 instead, available since 1.23 (or autoscaling/v1)

January 04, 2023

Feature

You can now run GPU-based workloads in GA inAutopilot clusters that use GKE version 1.24.2-gke.1800 and later.

December 22, 2022

Feature

Dual-stack clusters in GKE are now generally available. Dual-stack networking is supported on both Standard and Autopilot clusters. To learn more, seeUse an IPv4/IPv6 dual-stack network to create a dual-stack cluster.

December 21, 2022

Security

A new vulnerability (CVE-2022-2602) has been discovered in the io_uring subsystem in the Linux kernel that can allow an attacker to potentially execute arbitrary code. For more information, see theGCP-2022-025 security bulletin.

Feature

You can now enable NCCL Fast Socket on your multi-GPU workloads. NCCL Fast Socket is a transport layer plugin designed to improve NVIDIA Collective Communication Library (NCCL) performance on Google Cloud. To enable NCCL Fast Socket, you must be using a GKE Standard cluster with control plane version 1.25.2-gke.1700 or later. For more information, seeImprove workload efficiency using NCCL Fast Socket.

December 19, 2022

Fixed

CVE-2022-37434, CVE-2022-40674, CVE-2022-1586, CVE-2022-1587 have been patched in the PD CSI driver in 1.22, 1.23, 1.24 for newly created clusters. CVE-2022-37434, CVE-2021-3999, CVE-2022-40674, CVE-2022-1586, CVE-2022-1587 have been patched in the PD CSI driver in 1.25 for newly created clusters.

December 16, 2022

Feature

Global external HTTP(S) load balancer is now supported with the GKE Gateway controller in Preview. You can now configure GKE clusters with control plane version 1.24 or later in Rapid channel to use a global external HTTP(S) load balancer to expose web services to the Internet, in a single cluster or multi-cluster architecture. You can benefit from many advanced traffic management capabilities offered by the new generation of Google Cloud global external HTTP(S) load balancers natively in GKE byusing the Kubernetes Gateway API and specifying a new Gateway class. To see the difference between Gateway classes compatible with our GKE Gateway controller, seehere.

December 14, 2022

Change

(2022-R28) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.7-gke.900 is now the default version in the Regular channel
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.22.13-gke.1000
    • 1.23.12-gke.1600
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to version1.22.15-gke.100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.23.13-gke.900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.23 to version1.23.13-gke.900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.24 to version1.24.7-gke.900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.25 to version1.25.3-gke.800 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.25.4-gke.1600 is now the default version in the Rapid channel
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.22.15-gke.100
    • 1.23.12-gke.1600
    • 1.24.5-gke.600
    • 1.25.3-gke.800
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.15-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.13-gke.900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.23.13-gke.900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.25.4-gke.1600 with this release.
Feature

10/06/2023 update: This migration is currently paused.

GKE Autopilot clusters may now migrate the cluster's datapath provider toDataplane V2. Migration is triggered during a control plane upgrade (see version requirements below). The migration is complete once all nodes running the legacy datapath have been recreated. Node pools created after the control plane upgrade will be created using Dataplane V2.

  • For clusters running 1.24 without Dataplane V2, upgrading to1.24.7-gke.300 or a higher 1.24 version will begin the migration to Dataplane V2.

  • For clusters running 1.25 without Dataplane V2, upgrading to1.25.3-gke.200 or a higher 1.25 version will begin the migration to Dataplane V2.

To determine whether you are in the process of migrating the datapath, run:

gcloudcontainerclustersdescribe<CLUSTER>--region<REGION>--project<PROJECT>--format="value(networkConfig.datapathProvider)"

Clusters migrating to Dataplane V2 will have the datapath provider field of the cluster set toMIGRATE_TO_ADVANCED_DATAPATH.

Clusters that have migrated to Dataplane V2 will have the datapath provider field of the cluster set toADVANCED_DATAPATH.

Feature

Cloud DNS for GKE (cluster scope) is now Generally Available. You can now configure GKE clusters with control plane version 1.24.7-gke.800, 1.25.3-gke.700 or later to use Cloud DNS as the DNS provider for in-cluster name resolution, and replace the existing DNS service based on kube-dns.

December 13, 2022

Feature

Compact placement policy is now generally available. Set up a compact placement policy to specify that nodes within the node pool should be placed in closer physical proximity to each other within a zone. Having nodes closer to each other can reduce network latency between nodes, which can be useful for tightly-coupled batch workloads.

December 12, 2022

Change

Public clusters upgraded to GKE versions 1.25 and later will eventually be migrated to use Private Service Connect (PSC) for private control plane communication. There is no price increase for using GKE public clusters running on PSC.

December 05, 2022

Change

(2022-R27) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.5-gke.600 is now the default version.
  • The following control plane and node versions are now available:
  • The following control plane versions are no longer available:
    • 1.21.14-gke.3000
    • 1.21.14-gke.9500
    • 1.22.12-gke.2300
    • 1.23.8-gke.1900
    • 1.23.9-gke.900
    • 1.23.9-gke.2100
    • 1.23.10-gke.1000
    • 1.24.4-gke.800
  • The following node version is no longer available: 1.21.14-gke.9500
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.20 to version1.21.14-gke.4300 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.21 to version1.22.15-gke.100 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.23 to version1.23.11-gke.300 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.24 to version1.24.5-gke.600 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.23.11-gke.300 is now the default version in the Stable channel
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.21.14-gke.3000
    • 1.22.12-gke.2300
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.20 to version1.21.14-gke.4300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to version1.22.15-gke.100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.24 to version1.24.7-gke.900 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.5-gke.600 is now the default version in the Regular channel
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.22.12-gke.2300
    • 1.23.12-gke.100
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to version1.22.13-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.23.12-gke.1600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.23 to version1.23.12-gke.1600 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.25.3-gke.800 is now the default version in the Rapid channel
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.21.14-gke.7100
    • 1.21.14-gke.9500
    • 1.22.14-gke.300
    • 1.23.12-gke.100
    • 1.24.4-gke.800
    • 1.25.2-gke.1700
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to version1.21.14-gke.8500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.15-gke.100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.12-gke.1600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.6-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.24.6-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.25.3-gke.800 with this release.

November 29, 2022

Feature

You can now usedeprecation insights to identify clusters on versions 1.23 and earlier thatuse Docker-based node images, which are unsupported on GKE version 1.24 and later.

Feature

Kubernetes control plane logs are now Generally Available. You can now configure GKE clusters with control plane version 1.22.0 or later to export to Cloud Logging logs emitted by the Kubernetes API server, Scheduler, and Controller Manager.

These logs are stored in Cloud Logging and can be queried in the Cloud Logging Log Explorer or Cloud Logging API. These logs can also be sent to Google Cloud Storage, BigQuery, or Pub/Sub using the Log Router.

November 22, 2022

Issue

GKE version 1.21.14-gke.9500 has an issue where Pods in certain conditions might get stuck terminating indefinitely, due to a Linux kernel bug. The version has been removed and is no longer available for new clusters. If your node pools are running 1.21.14-gke.9500 and experience the issue, we recommenddowngrading the node pool to 1.21.14-gke.8500.

November 21, 2022

Feature

TheLogs tab available for each cluster on theKubernetes Engine > Clusters page now includes suggested queries for your logs. For more information about using your GKE logs, seeViewing your GKE logs.

November 18, 2022

Feature

GKE Autopilot clusters supportcompact placement policies in version 1.25 and later.

November 17, 2022

Feature

GKE Autopilot clusters supportsignaling to GKE that a particular node is problematic in version 1.24 and later.

November 11, 2022

Security

The Filestore CSI driver has patched the following CVEs for newly created clusters running GKE version 1.23 and later:

  • CVE-2022-37434
  • CVE-2019-19126
  • CVE-2019-25013
  • CVE-2022-23219
  • CVE-2021-35942
  • CVE-2020-10029
  • CVE-2021-3326
  • CVE-2022-23218
  • CVE-2020-1752
  • CVE-2021-3999
  • CVE-2020-27618
  • CVE-2021-27645
  • CVE-2016-10228
  • CVE-2020-6096
  • CVE-2021-33574
  • CVE-2022-29458

November 10, 2022

Feature

You can now use use compact placement for node auto-provisioning in Standard clusters with GKE version 1.25 and later. To learn more, seeUse compact placement for node auto-provisioning.

November 09, 2022

Feature

GKE Gateway for Single Cluster is now generally available in GKE version 1.24 and later. Use the Gateway API to express the intent of your inbound HTTP(S) traffic into your GKE cluster and the Gateway controller will instrument and fully manage the external and/or internal HTTP(S) load balancer(s) that forwards traffic to your applications. For complete details about the GKE Gateway controller, refer to the followingdocumentation.

November 08, 2022

Security

A security vulnerability, CVE-2022-39278, has been discovered in Istio, which is used in Anthos Service Mesh, that allows a malicious attacker to crash the control plane. GKE doesn't ship with Istio and isn't affected by this vulnerability. However, if you separately installed Anthos Service Mesh or Istio in your GKE cluster, refer to theAnthos Service Mesh security bulletin for more information.

November 07, 2022

Feature

When you create a LoadBalancer service in GKE, the Google Cloud controllers automatically create the followingfirewall rules and apply them to the GKE nodes to allow inbound connections on the Service port:

  • Internal load balancer with GKE subsetting or external load balancer with regional backend services (RBS):k8s2-[cluster-id]-[namespace]-[service-name]-[suffixhash]
  • Internal load balancer without GKE subsetting or external load balancer with target pool:k8s-fw-[loadbalancer-hash]

These rules now include the load balancer IP address in the destination ranges field to further control the inbound connections to the nodes. You can use thegcloud compute firewall-rules describe command to check a relevant firewall. The new field in the output is similar to the following:

destinationRanges:-[LOADBALANCER_VIRTUAL_IP_ADDRESS]

November 04, 2022

Change

(2022-R26) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.23.12-gke.100 is now the default version.
  • The following control plane and node versions are now available:
  • The following control plane versions are no longer available:
    • 1.22.12-gke.500
    • 1.22.12-gke.1200
    • 1.24.3-gke.2100
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.21 to1.22.15-gke.100 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.22 to1.22.15-gke.100 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.24 to1.24.4-gke.800 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.15-gke.100 is now the default version in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.21 to1.22.15-gke.100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.22 to1.22.15-gke.100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.24 to1.24.5-gke.600 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.23.12-gke.100 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.21.14-gke.4300
    • 1.22.12-gke.500
    • 1.23.8-gke.1900
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.20 to1.21.14-gke.5300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.21 to1.21.14-gke.5300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.22 to1.23.12-gke.100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.23 to1.23.12-gke.100 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.5-gke.600 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.21.14-gke.5300
    • 1.22.13-gke.1000
    • 1.23.11-gke.300
    • 1.24.3-gke.2100
    • 1.25.1-gke.500
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to1.21.14-gke.7100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.21 to1.22.14-gke.300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.22 to1.23.12-gke.100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.23 to1.24.5-gke.600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.24 to1.24.5-gke.600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.25 to1.25.2-gke.1700 with this release.

November 03, 2022

Feature

You can now easily identify clusters that use certificatesincompatible with Kubernetes version 1.23. Kubernetes 1.23deprecation insights are now available inPreview for clusters of at least version 1.22.6-gke.1000.

October 28, 2022

Security

A new vulnerability, CVE-2022-20409, has been discovered in the Linux kernel that could allow an unprivileged user to escalate to system execution privilege. For instructions and more details, see theGKE security bulletin.

October 27, 2022

Security

A new vulnerability, CVE-2022-3176, has been discovered in the Linux kernel that can lead to local privilege escalation. This vulnerability allows an unprivileged user to achieve full container breakout to root on the node. For instructions and more details, see theGKE security bulletin.

October 19, 2022

Change

(2022-R25) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.23.8-gke.1900 is now the default version.
  • The following control plane and node versions are now available:
  • The following control plane versions are no longer available:
    • 1.21.14-gke.2700
    • 1.22.12-gke.300
    • 1.24.2-gke.1900
    • 1.24.3-gke.200
    • 1.24.3-gke.900
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.20 to1.21.14-gke.3000 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.21 to1.22.12-gke.2300 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.22 to1.22.12-gke.2300 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.24 to1.24.3-gke.2100 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.12-gke.2300 is now the default version in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.21.14-gke.2700
    • 1.22.12-gke.1200
    • 1.23.8-gke.1900
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.20 to1.21.14-gke.3000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.21 to1.22.12-gke.2300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.22 to1.22.12-gke.2300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.23 to1.23.11-gke.300 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.23.8-gke.1900 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.21.14-gke.2700
    • 1.22.12-gke.300
    • 1.24.2-gke.1900
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.20 to1.21.14-gke.4300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.21 to1.21.14-gke.4300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.22 to1.23.8-gke.1900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.24 to1.24.5-gke.600 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.4-gke.800 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.21.14-gke.4300
    • 1.22.12-gke.2300
    • 1.23.10-gke.1000
    • 1.24.3-gke.900
    • 1.25.0-gke.1100
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to1.21.14-gke.5300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.21 to1.22.13-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.22 to1.23.11-gke.300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.23 to1.24.4-gke.800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.24 to1.24.4-gke.800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.25 to1.25.1-gke.500 with this release.

October 14, 2022

Feature

GKE Cost Allocation has been released for general availability. With GKE Cost Allocation, you can see cost breakdowns in clusters for namespaces, and pod labels for utilized CPU and MEM. For complete details, refer toView detailed breakdown of cluster costs.

October 12, 2022

Issue

Creating public clusters on GKE versions 1.23 or later might fail with the following error due to a missing API permission in certain compliance regimes (FedRAMP High, US Regions and Support, EU Regions and Support, EU Regions and Support with Sovereign Controls):

ManagedResourceService.AddServiceBundle, PERMISSION_DENIED'/> APPLICATION_ERROR;google.cloud.servicedirectory.v1beta1/ManagedResourceService.AddServiceBundle;Request is disallowed by organization's constraints/gcp.restrictServiceUsage constraint for 'projects/<projectID> attempting to use service 'servicedirectory.googleapis.com'

To fix this issue, refer to theOctober 5, 2022 Assured Workloads release note.

October 05, 2022

Change

(2022-R24) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

September 30, 2022

Feature

In Autopilot clusters running GKE version 1.24.1-gke.1400 and later, you can now use the Balancedcompute class to schedule your workloads that require very high memory or CPU requests.

Feature

You can now run GPU-based workloads in Preview inAutopilot clusters that use GKE version 1.24.2-gke.1800 and later. For more information, see the Google Cloudblog post.

September 28, 2022

Fixed

The Calico CNI authentication errors that caused pods to get stuck inTerminating orPending state (seeAugust 19, 2022 release notes) are fixed in the following GKE versions in the Rapid release channel:

  • 1.24.4-gke.500 or later
  • 1.23.11-gke.300 or later
  • 1.22.14-gke.300 or later

To fix the issue, upgrade your control plane to any of these versions. If you prefer not to use the Rapid channel, open aGoogle Cloud Support ticket to have your cluster patched internally.

Feature

GKE control plane metrics is now available for clusters running Kubernetes control plane version 1.22.13 or later.

September 23, 2022

Change

(2022-R23) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.12-gke.2300 is now the default version.

  • The following control plane and node versions are now available:

  • The following control plane versions are no longer available:

    • 1.21.14-gke.700
    • 1.21.14-gke.2100
    • 1.22.11-gke.400

  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.20 to version1.21.14-gke.2700 with this release.

  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.21 to version1.22.12-gke.1200 with this release.

  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.22 to version1.22.12-gke.1200 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

  • Version1.22.12-gke.1200 is now the default version in the Stable channel.

  • The following versions are now available in the Stable channel:

  • The following versions are no longer available in the Stable channel:

    • 1.21.14-gke.700
    • 1.22.12-gke.500

  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.20 to version1.21.14-gke.2700 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to version1.22.12-gke.1200 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.22 to version1.22.12-gke.1200 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

  • Version1.22.12-gke.2300 is now the default version in the Regular channel.

  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to version1.22.12-gke.2300 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.22.12-gke.2300 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.3-gke.2100 is now the default version in the Rapid channel.

  • The following versions are now available in the Rapid channel:

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.12-gke.2300 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.3-gke.2100 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.24.3-gke.2100 with this release.

Change

2022-09-22 update: Updated new default versions for the2022-R22 release in theStable channel.

September 22, 2022

Feature

Thea2-ultragpu machine family is available in Preview for node pools in clusters running GKE version 1.24 and later. To select the machine family, use the--machine-type flag in your create command.

September 15, 2022

Change

Starting from GKE version 1.25 and gke-metrics-agent version 1.0.0, we increase the memory request and limit of gke-metrics-agent to 100 MiB. This change makes the system metrics collection more stable and reliable.

Fixed

CVE-2022-2068 has been patched in the Filestore CSI driver for GKE clusters running version 1.23 or later.

September 14, 2022

Change

1.25 is now available in the Rapid channel

Kubernetes 1.25 is now available in the Rapid channel. Before upgrading, read theKubernetes 1.25 Release Notes, especially the action required and deprecation sections.

Change

Notable changes

Support for the deprecatedquobyte andstorageOS volume types is removed in 1.25.

Deprecated

Deprecated API versions

These APIs are still served in version 1.25 but are in a deprecation period:

  • The following Beta versions of graduated APIs will beremoved in 1.26 in favor of newer versions:
    • flowcontrol.apiserver.k8s.io/v1beta1 FlowSchema, PriorityLevelConfiguration
      • deprecated since 1.23
      • use flowcontrol.apiserver.k8s.io/v1beta2 instead, available since 1.23
    • autoscaling/v2beta2 HorizontalPodAutoscaler
      • deprecated since 1.23
      • use autoscaling/v2 instead, available since 1.23 (or autoscaling/v1)
  • The following Beta versions of graduated APIs will beremoved in 1.27 in favor of newer versions:
    • storage.k8s.io/v1beta1 CSIStorageCapacity, deprecated since 1.24
Deprecated

Removed API versions

  • PodSecurityPolicy
    • policy/v1beta1 PodSecurityPolicy
    • Deprecated in 1.21 and removed in 1.25.
    • 1.24 is the last version supporting the beta PodSecurityPolicy feature. Use of this feature must be discontinued before clusters will upgrade to 1.25. SeePodSecurityPolicy deprecation for more information.
  • The following Beta versions of graduated APIs areremoved in 1.25 in favor of their newer versions:
    • discovery.k8s.io/v1beta1 EndpointSlice, deprecated since 1.21
    • policy/v1beta1 PodDisruptionBudget, deprecated since 1.21
    • batch/v1beta1 CronJob, deprecated since 1.21
    • node.k8s.io/v1beta1 RuntimeClass
    • autoscaling/v2beta1 HorizontalPodAutoscaler

September 13, 2022

Change

(2022-R22) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.12-gke.300 is now the default version.
  • The following control plane and node versions are now available:

  • The following control plane versions are no longer available:

    • 1.20.15-gke.11400
    • 1.20.15-gke.12800
    • 1.20.15-gke.13400
    • 1.20.15-gke.13700
    • 1.21.13-gke.900
    • 1.22.10-gke.600

  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.21 to version1.22.12-gke.500 with this release.

  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.22 to version1.22.12-gke.500 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.12-gke.500 is now the default version in the Stable channel.

  • The following versions are now available in the Stable channel:

  • The following versions are no longer available in the Stable channel:

    • 1.20.15-gke.11400
    • 1.21.13-gke.900

  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to version1.22.12-gke.500 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

  • Version1.22.12-gke.300 is now the default version in the Regular channel.

  • The following versions are now available in the Regular channel:

  • The following versions are no longer available in the Regular channel:

    • 1.20.15-gke.12800
    • 1.21.14-gke.2100
    • 1.22.11-gke.400

  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.20 to version1.21.14-gke.2700 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to version1.22.12-gke.300 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.22.12-gke.300 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.3-gke.900 is now the default version in the Rapid channel

  • The following versions are now available in the Rapid channel:

  • The following versions are no longer available in the Rapid channel:

    • 1.20.15-gke.13700
    • 1.21.14-gke.3000
    • 1.22.12-gke.1200
    • 1.23.9-gke.2100
    • 1.24.3-gke.200

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to version1.21.14-gke.4300 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.12-gke.2300 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.10-gke.1000 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.3-gke.900 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.24.3-gke.900 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.25 to version1.25.0-gke.1100 with this release.

Feature

Theme-west1 region in Tel Aviv, Israelis now available.

Feature

On GKE Standard clusters using control plane version 1.24.2-gke.300 or later, you can configure the cluster and node pools todeploy an alternative version of the Logging agent designed to maximize logging throughput. The default Logging agent running in each GKE cluster guarantees at least 100 KB per second log throughput per node for system and workload logs. This Logging agent variant provides a 100x improvement, allowing for throughput as high as 10 MB per second on nodes that have at least 2 unused CPU cores.

Additionally, all GKE clusters withsystem metrics enabled now export a new metric (kubernetes.io/node/logs/input_bytes), which indicates the number of log bytes generated on a node.Using this metric can help you decide which variant of the logging agent makes sense to deploy in your cluster or node pools.

September 08, 2022

Change

The Calico issue link included in theAugust 19, 2022 release notes issue was updated to theCalico issue #4857.

September 07, 2022

Fixed

Theip-masq-agent is not able to boot up on Arm nodes in GKE clusters with control planes running the following versions:

  • 2022-R18: 1.23.8-gke.1900, 1.24.2-gke.1900

  • 2022-R19: 1.24.3-gke.200

  • 2022-R20: 1.23.9-gke.900, 1.24.3-gke.900

This regression has been fixed. Please upgrade your control plane to versions included in the2022-R21 release.

Fixed

CVE-2021-4160, CVE-2022-1664, CVE-2022-1292, and CVE-2022-29155 have been patched in the Filestore CSI driver for newly created clusters.

September 02, 2022

Change

(2022-R21) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

  • The following versions are now available in the Rapid channel:

  • Version1.24.3-gke.200 is now the default version in the Rapid channel.

  • The following versions are no longer available in the Rapid channel:

    • 1.21.14-gke.2700
    • 1.22.12-gke.500
    • 1.23.9-gke.900
    • 1.24.2-gke.1900

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to version1.21.14-gke.3000 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.12-gke.1200 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.9-gke.2100 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.3-gke.200 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.24.3-gke.200 with this release.

August 23, 2022

Fixed

CVE-2022-24675 CVE-2022-2068 CVE-2022-28327 have been patched in the PD CSI driver in 1.23 for newly created clusters.

Feature

ForVPC-native clusters, the user-managed secondary range for Services can now be shared among clusters in the same subnet. The Services range no longer needs to be unique for clusters on the same subnet. Shared Services ranges are backwards-compatible with all GKE versions.

August 19, 2022

Issue

GKE clusters that run versions 1.22 or later and use Calico Network Policy might experience issues with terminating Pods. The Calico CNI plugin shows error terminating Pods, and eviction takes too long.

Pods that experience this issue display an error message similar to the following:

Warning FailedKillPod 36m (x389 over 121m) kubelet error killing pod: failed to "KillPodSandbox" for "af9ab8f9-d6d6-4828-9b8c-a58441dd1f86" with KillPodSandboxError: "rpc error: code = Unknown desc = networkPlugin cni failed to teardown pod "myclient-pod-6474c76996" network: error getting ClusterInformation: connection is unauthorized: Unauthorized"

To resolve this issue, restart the calico-node pods or restart kubelet.

This link was updated on September 8, 2022: For more information about this issue, seeCalico issue #4857.

August 18, 2022

Change

(2022-R20) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.11-gke.400 is now the default version.
  • The following control plane and node versions are now available:
  • The following control plane versions are no longer available:
    • 1.20.15-gke.9900
    • 1.21.12-gke.1700
    • 1.22.8-gke.201
    • 1.22.8-gke.202
    • 1.22.8-gke.2200
    • 1.22.9-gke.1300
    • 1.22.9-gke.1500
    • 1.22.9-gke.2000
    • 1.23.5-gke.1503
    • 1.23.5-gke.2400
    • 1.23.6-gke.1500
    • 1.23.6-gke.1501
    • 1.23.6-gke.1700
    • 1.23.6-gke.2200
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.19 to version1.20.15-gke.11400 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.20 to version1.21.13-gke.900 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.21 to version1.21.13-gke.900 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.22 to version1.22.10-gke.600 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.23 to version1.23.7-gke.1400 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.13-gke.900 is now the default version in the Stable channel.
  • Version1.20.15-gke.11400 is now available in the Stable channel.
  • Version 1.20.15-gke.9900 is no longer available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.19 to version1.20.15-gke.11400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.20 to version1.21.13-gke.900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to version1.21.13-gke.900 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.11-gke.400 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.20.15-gke.11400
    • 1.21.13-gke.900
    • 1.22.10-gke.600
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.19 to version1.20.15-gke.12800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.20 to version1.21.14-gke.700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to version1.21.14-gke.700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.22.11-gke.400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.24 to version1.24.2-gke.1900 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.24.2-gke.1900 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.20.15-gke.13400
    • 1.21.14-gke.2100
    • 1.22.12-gke.300
    • 1.23.8-gke.1900
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.19 to version1.20.15-gke.13700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to version1.21.14-gke.2700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.21.14-gke.2700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.9-gke.900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.24.2-gke.1900 with this release.

August 15, 2022

Feature

The GKE Clusters List page now includes a new Observability tab. This tab shows infrastructure health metric trends such as CPU, Memory, container restarts and Control Plane metrics. It also provides visibility into ingestion into Google Cloud Managed Service for Prometheus and Cloud Logging. For more information, seeView observability metrics.

August 08, 2022

Issue

Newly created GKE Clusters on version 1.24 or later using Services without.spec.ports field defined will cause a crash-loop of the ingress-gce controller (l7lbcontroller pod). This will result in not being able to provide L7 Ingress, L4 Internal LoadBalancer Service with Subsetting turned on, and L4 Network LoadBalancer based on Regional Backend Services in the cluster.

To recover from this situation, delete the Service without a port specified or recreate the cluster without any Service with.spec.ports undefined.

August 04, 2022

Change

(2022-R19) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

  • The following versions are now available in the Stable channel:

  • Version1.21.12-gke.2200 is now the default version in the Stable channel.

  • The following versions are no longer available in the Stable channel:

    • 1.21.12-gke.1700
    • 1.22.8-gke.201
    • 1.22.8-gke.202

  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.20 to version1.21.12-gke.2200 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to version1.21.12-gke.2200 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.22 to version1.22.10-gke.600 with this release.

Regular channel

  • The following versions are now available in the Regular channel:

  • The following versions are no longer available in the Regular channel:

    • 1.20.15-gke.9900
    • 1.21.12-gke.2200
    • 1.22.8-gke.202
    • 1.23.5-gke.1503

  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.19 to version1.20.15-gke.11400 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.20 to version1.21.13-gke.900 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to version1.21.13-gke.900 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.23 to version1.23.7-gke.1400 with this release.

Rapid channel

  • The following versions are now available in the Rapid channel:

  • Version1.23.8-gke.1900 is now the default version in the Rapid channel.

  • The following versions are no longer available in the Rapid channel:

    • 1.21.14-gke.700
    • 1.22.10-gke.600
    • 1.22.11-gke.400
    • 1.23.6-gke.2200
    • 1.23.7-gke.1400
    • 1.23.8-gke.400
    • 1.24.2-gke.300

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.19 to version1.20.15-gke.13400 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to version1.21.14-gke.2100 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.12-gke.300 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.8-gke.1900 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.23.8-gke.1900 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.24.2-gke.1900 with this release.

August 03, 2022

Feature

GKE total size control is now available in GKE version 1.24 clusters. For autoscaled node pools you can now set the minimum and maximum number of the total number of nodes across all zones, rather than specify a per zone limit. To learn more, seeCluster autoscaler.

Feature

The maximum number of Pods that can run on each node has increased from 110 to 256 with GKE version 1.23.5-gke.1300 or later. To learn more, seeOptimizing IP address allocation.

July 27, 2022

Feature

GKE node system configuration now supports setting thecgroup mode to use the cgroupv2 resource management subsystem.

July 26, 2022

Change

(2022-R18) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • The following versions are now available in the Stable channel:
  • Version 1.21.12-gke.1700 is now the default version in the Stable channel
  • The following versions are no longer available in the Stable channel:
    • 1.20.15-gke.8700
    • 1.21.12-gke.1500
    • 1.22.8-gke.200
    • 1.23.6-gke.2200
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.19 to version1.20.15-gke.9900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.20 to version1.21.12-gke.1700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to version1.21.12-gke.1700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.23 to version1.23.7-gke.1400 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • The following versions are now available in the Rapid channel:
  • Version1.23.8-gke.400 is now the default version in the Rapid channel
  • The following versions are no longer available in the Rapid channel:
    • 1.21.13-gke.900
    • 1.22.9-gke.2000
    • 1.23.6-gke.1700
    • 1.24.1-gke.1800
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.19 to version1.20.15-gke.9900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to version1.21.14-gke.700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.21.14-gke.700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.8-gke.400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.23.8-gke.400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.24.2-gke.300 with this release.

July 22, 2022

Feature

GKE Gateway integration with Cloud Certificate Manager is now available as Public Preview in GKE versions 1.20 and later. Use the new TLS features and high scale offered by Cloud Certificate Manager with GKE Gateway. For more information, seeGateway Security.

July 21, 2022

Issue

If you start acredential rotation or anIP address rotation, ensure that you manually complete the rotation. If an operation causes a control plane re-creation while the rotation remains incomplete, your cluster might enter a broken state.

Feature

Kubernetes control plane metrics are now Generally Available. You can now configure GKE clusters with control plane version 1.23.6-gke.1500 or later to export to Cloud Monitoring certain metrics emitted by the Kubernetes API server, scheduler, and controller manager.

These metrics are stored in Cloud Monitoring in a Prometheus-compatible format. They can be queried by sending either a PromQL or MQL query to the Cloud Monitoring API. They can also be used anywhere within Cloud Monitoring, including in custom dashboards or alerting rules.

July 19, 2022

Change

(2022-R17) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

July 15, 2022

Issue

Clusters that are using custom or manually created EndpointSlices (EPS) can cause Ingresses and NEGs to stop syncing if missing the service label kubernetes.io/service-name:<service-name>. This issue affects clusters running GKE 1.21, 1.22, and 1.23. Users should add the service label to all custom-made EndpointSlices to ensure that their Ingresses and NEGs continue to be synced.

Feature

Cluster autoscaler Location Policy is now generally available in GKE version 1.24.1-gke.800. This change allows users to pick one of two different spreading policies. For more information seeLocation policy.

July 13, 2022

Feature

You can now run Arm-based workloads in Preview inStandard clusters with GKE version 1.24 and later, and inAutopilot clusters with GKE version 1.24.1-gke.1400 and later.

Feature

You can now selectcompute classes to run GKE Autopilot workloads that have specialized hardware requirements, such as Arm architecture. TheScale-Out compute class is available in Preview in Autopilot clusters running GKE version 1.24.1-gke.1400 and later.

July 06, 2022

Feature

Theblue-green upgrade mechanism is now available to upgrade your GKE node pools, and can be selected per node pool instead of thedefault surge upgrade mechanism.

June 30, 2022

Change

(2022-R16) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Control plane and node version1.24.1-gke.1800 is now available.
  • The following control plane versions are no longer available:
    • 1.19.16-gke.9400
    • 1.19.16-gke.11000
    • 1.19.16-gke.11800
    • 1.19.16-gke.13800
    • 1.19.16-gke.14000
    • 1.19.16-gke.14500
    • 1.19.16-gke.15700
    • 1.20.15-gke.6000
    • 1.20.15-gke.8000
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.20 to version1.21.12-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.21 to version1.21.12-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.24 to version1.24.1-gke.1400 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.12-gke.1500 is now the default version in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.19.16-gke.11800
    • 1.19.16-gke.13800
    • 1.20.15-gke.8000
    • 1.21.11-gke.1900
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.20 to version1.21.12-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to version1.21.12-gke.1500 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.23.7-gke.1400 is now the default version in the Rapid channel.
  • Version1.24.1-gke.1800 is now available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to version1.20.15-gke.9900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.7-gke.1400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.23.7-gke.1400 with this release.
Security

A new vulnerability (CVE-2022-1786) has been discovered in the Linux kernel versions 5.10 and 5.11. This vulnerability allows an unprivileged user with local access to the cluster to achieve a full container breakout to root on the node. Only clusters that run Container-Optimized OS are affected. GKE Ubuntu versions use either version 5.4 or 5.15 of the kernel and are not affected. For more information, refer to theGCP-2022-017 security bulletin.

Change

GKE Cost Allocation has been released for public preview. With GKE CostAllocation public preview, you will be able to see cost breakdowns in clustersfor namespaces, and pod labels for utilized CPU and MEM. For complete details,refer toView detailed breakdown of cluster costs.

June 29, 2022

Feature

You can now give multiple containers time-shared access to the full compute resources of a single NVIDIA GPU accelerator. Time-sharing GPUs is generally available in GKE version 1.23.7-gke.1400 and later. For more information, refer toTime-sharing GPUs on GKE.

June 24, 2022

Security

Three new memory corruption vulnerabilities (CVE-2022-29581, CVE-2022-29582, CVE-2022-1116) have been discovered in the Linux kernel. These vulnerabilities allow an unprivileged user with local access to the cluster to achieve a full container breakout to root on the node. All Linux clusters (Container-Optimized OS and Ubuntu) are affected. For more information, refer to theGCP-2022-016 security bulletin.

Feature

You can now create dual-stack clusters in Alpha Compute Engine API-enabled projects with GKE versions 1.24.1-gke.1000 and later. With dual-stack networking, GKE assigns an IPv4 and an IPv6 address to the cluster nodes and Pods. You can create dual-stack Services of type ClusterIP or NodePort.This feature is now available in Preview. For more information, see theDual-stack networking.

June 23, 2022

Change

(2022-R15) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.21.12-gke.1700
    • 1.22.9-gke.1300
    • 1.23.6-gke.1500
    • 1.24.0-gke.1801
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.19 to version1.19.16-gke.11800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to version1.21.12-gke.2200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.10-gke.600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.22.10-gke.600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.24.1-gke.1400 with this release.

June 22, 2022

Change

To deliver a better default price-performance for applications, all GKE clusters created with control plane version 1.24 and later have the Balanced Persistent Disk (PD) by default for attached volumes. Additionally, the node boot disk default has also been changed to Balanced Persistent Disk (PD).

The new default for attached volumes is applied to all clusters running control plane version 1.24 and later. The new default node boot disk is applied to all new node pools of any node pool version created in a cluster with control plane version 1.24 and later. Existing preferences will not be changed.

For more information on boot disks, seeConfiguring a custom boot disk.

For more information on attached volumes seePersistent volumes and dynamic provisioning.

June 15, 2022

Feature

Confidential GKE Nodes is now generally available in GKE version 1.22 and later for stateful workloads using persistent disks, and in all GKE versions for stateless workloads. Use Confidential GKE Nodes to encrypt your workload data in-use through Compute EngineConfidential VMs.

June 13, 2022

Change

(2022-R14) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.11-gke.1900 is now the default version in the Stable channel.
  • Version1.22.8-gke.202 is now available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.20 to version1.21.11-gke.1900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to version1.21.11-gke.1900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.22 to version1.22.8-gke.202 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.8-gke.202 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.20.15-gke.6000
    • 1.21.11-gke.1100
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.19 to version1.20.15-gke.8000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.20 to version1.21.11-gke.1900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to version1.22.8-gke.202 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to version1.22.8-gke.202 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.23 to version1.23.5-gke.1503 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.23.6-gke.1501 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.21.12-gke.1500
    • 1.22.8-gke.2200
    • 1.23.5-gke.2400
    • 1.24.0-gke.1000
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.19 to version1.19.16-gke.11000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to version1.21.12-gke.1700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.9-gke.1300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.23.6-gke.1501 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to version1.23.6-gke.1501 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to version1.24.0-gke.1801 with this release.
Fixed

CVE-2022-25235 has been patched in the PD CSI driver in 1.22 and 1.23 clusters. If your cluster is not configured for auto-upgrade, please manually upgrade to eliminate this vulnerability.

Feature

GKE Node System Configuration now supports settingpod pid limits.

June 10, 2022

Feature

You can now easily identify clusters that use deprecated Kubernetes APIsremoved in version 1.22. Kubernetes deprecationinsights are now available inPreview.

June 07, 2022

Feature

Theus-south1 region in Dallas, Texasis now available.

May 26, 2022

Change

1.24 is now available in the Rapid channel

Kubernetes 1.24 is now available in the Rapid channel. Before upgrading, read theKubernetes 1.24 Release Notes, especially the action required and deprecation sections.

Change

(2022-R13) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.8-gke.201 is now the default version.

  • The following control plane and node version are now available:

  • The following control plane versions are no longer available:

    • 1.19.16-gke.10800
    • 1.20.15-gke.3400
    • 1.20.15-gke.3600
    • 1.20.15-gke.4100
    • 1.20.15-gke.5000
    • 1.20.15-gke.5200
    • 1.21.10-gke.400
    • 1.21.10-gke.1300
    • 1.21.10-gke.1500
    • 1.21.10-gke.2000
    • 1.22.6-gke.300
    • 1.22.6-gke.1000
    • 1.22.7-gke.300
    • 1.22.7-gke.900
    • 1.22.7-gke.1300
    • 1.22.7-gke.1500

  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.19 to1.20.15-gke.6000 with this release.

  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.20 to1.21.11-gke.1100 with this release.

  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.21 to1.21.11-gke.1100 with this release.

  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.22 to1.22.8-gke.201 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

  • Version1.21.11-gke.1100 is now the default version in the Stable channel.

  • The following versions are now available in the Stable channel:

  • The following versions are no longer available in the Stable channel:

    • 1.19.16-gke.10800
    • 1.20.15-gke.5200
    • 1.21.11-gke.900

  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.19 to version1.20.15-gke.6000 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.20 to version1.21.11-gke.1100 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to version1.21.11-gke.1100 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.22 to version1.22.8-gke.201 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.8-gke.201 is now the default version in the Regular channel.
  • Version 1.22.8-gke.200 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to1.22.8-gke.201 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.22 to1.22.8-gke.201 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

  • Version1.23.5-gke.2400 is now the default version in the Rapid channel.

  • The following versions are now available in the Rapid channel:

  • The following versions are no longer available in the Rapid channel:

    • 1.21.11-gke.1900
    • 1.22.8-gke.201

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.19 to1.20.15-gke.6000 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to1.21.12-gke.1500 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to1.21.12-gke.1500 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to1.23.5-gke.2400 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.24 to1.24.0-gke.1000 with this release.

Change

New API versions

  • storage.k8s.io/v1 CSIStorageCapacity
Change

Notable changes

  • GKE does not support node images that use Docker as the runtime in GKE version 1.24 and later. For more information, seemigrating from Docker to containerd.
  • Secret API objects containing service account tokens are not automatically created in 1.24.
    • This change improves security by reducing readable, permanent, Secret-based tokens to ones that have been explicitly requested, and improves performance by reducing the amount of persisted Secret data andavoiding unnecessary utilization of application-layer secrets encryption.
    • Existing Secret-based tokens from previous versions remain valid on upgrade.
    • Secret-based tokens are not used by nodes or pods on version 1.21 and later.
    • Only node versions 1.22 and later are supported running against 1.24 clusters.
    • Clients retrieving tokens directly from the API can still obtain a token using these methods supported in all available GKE versions:
    • Examples of incorrect ways to obtain Secret-based tokens from the API include:
      • Scanning thesecrets[*].name field of a ServiceAccount object; this field lists secrets usable by pods running as that service account, not for other purposes, and secrets in that list have never been guaranteed to be service account token secrets.
      • Looking for existing Secret objects of typekubernetes.io/service-account-token created by other clients; a Secret created by another client is owned by that client, and cannot be assumed to be stable for use by other clients.

  • Kubernetes 1.24deprecates support for insecure serving certificates signed with a SHA-1 hash. Aggregated API servers, admission webhooks, and custom resource conversion webhooks using TLS certificates that are signed by SHA-1 should replace the serving certificates as soon as possible.

    • At cluster version 1.24.0 and later, GKE provides a Cloud Audit log to check if your cluster contains an affected service. You can use the following filter to search for the logs of a 1.24+ cluster:

      logName:"projects/$PROJECT/logs/cloudaudit.googleapis.com%2Factivity"resource.type="k8s_cluster"operation.producer="k8s.io""invalid-cert.kubernetes.io"```

    • If you are not affected you won't see any logs. If you do see such an audit log, it will include the name of the service (whether webhook or aggregated API).

Deprecated

Deprecated API versions

These APIs are still served in version 1.24 but are in a deprecation period:

  • PodSecurityPolicy

    • policy/v1beta1 PodSecurityPolicy
    • Deprecated in 1.21 withremoval targeted for version 1.25.
    • 1.24 is the last version supporting the beta PodSecurityPolicy feature. Use of this feature must be discontinued before clusters will upgrade to 1.25. For more information, seePodSecurityPolicy deprecation.

  • The following Beta versions of graduated APIs will beremoved in 1.25 in favor of their newer versions:

    • discovery.k8s.io/v1beta1 EndpointSlice, deprecated since 1.21
    • policy/v1beta1 PodDisruptionBudget, deprecated since 1.21
    • batch/v1beta1 CronJob, deprecated since 1.21
    • node.k8s.io/v1beta1 RuntimeClass
    • autoscaling/v2beta1 HorizontalPodAutoscaler

  • The following Beta versions of graduated APIs will beremoved in 1.26 in favor of newer versions:

    • flowcontrol.apiserver.k8s.io/v1beta1 FlowSchema, PriorityLevelConfiguration
      • deprecated since 1.23
      • use flowcontrol.apiserver.k8s.io/v1beta2 instead, available since 1.23
    • autoscaling/v2beta2 HorizontalPodAutoscaler
      • deprecated since 1.23
      • use autoscaling/v2 instead, available since 1.23 (or autoscaling/v1)

  • The following Beta versions of graduated APIs will beremoved in 1.27 in favor of new versions:

    • storage.k8s.io/v1beta1 CSIStorageCapacity, deprecated since 1.24
Issue

Nodes on version 1.24.0-gke.1000 with more than 80GB of memory will fail to start successfully due to a known bug, which will be resolved in future 1.24 versions.

May 25, 2022

Feature

You can now easily assess the running cost implications at cluster creation time.The GKE cluster cost widget lets you get an estimated cost range when you are creating a cluster.

This information can help you get a better understanding of the upper and lower monthly cost to expect based on your cluster autoscaling setup.This feature is now available inPreview.

For more information, seeIntroducing GKE cost estimator, built right into the Google Cloud console.

Issue

GKE clusters that run control plane versions 1.21 or later and node versions 1.16 or earlier might experience:

  • Readiness check failures.
  • Network endpoint groups (NEGs) and load balancers (LBs) not created or synced.

This occurs because the Ingress controllers running in GKE cluster control plane versions 1.21 or later are not compatible with node versions 1.16 and earlier. To resolve this issue, upgrade your node pools.

For more information, seeNode version not compatible with control plane version.

May 24, 2022

Feature

Theus-east5 region in Columbus, Ohiois now available.

May 20, 2022

Feature

You can now quickly identify which of your workloads are underutilized in the Cost Optimization tab. You can also quickly apply suggested values for resource requests and limits (or your own preferred values).

This feature is now available inPreview. For more information, seeGKE workload rightsizing.

May 19, 2022

Change

(2022-R12) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

  • Version1.21.11-gke.900 is now the default version in the Stable channel.

  • The following versions are now available in the Stable channel:

  • The following versions are no longer available in the Stable channel:

    • 1.19.16-gke.9900
    • 1.20.15-gke.3400
    • 1.20.15-gke.3600
    • 1.20.15-gke.4100
    • 1.21.10-gke.2000

  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.19 to1.19.16-gke.10800 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.20 to1.21.11-gke.900 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.21 to1.21.11-gke.900 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.11-gke.1100 is now the default version in the Regular channel.

  • The following versions are now available in the Regular channel:

  • The following versions are no longer available in the Regular channel:

    • 1.20.15-gke.5200
    • 1.21.9-gke.1002
    • 1.21.10-gke.400
    • 1.21.10-gke.2000
    • 1.21.11-gke.900
    • 1.22.6-gke.300

  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.19 to1.20.15-gke.6000 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.20 to1.21.11-gke.1100 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.21 to1.21.11-gke.1100 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

May 13, 2022

Feature

Tags are now available. You can use tags to group or organize your clusters according to custom business dimensions. This is in addition to the hierarchical resource organization provided by Google Cloud's resource manager. The integration of tags with policy engines (via conditional rules) such asIAM orOrganization Policy, also allows you to apply centralized policies to custom security perimeters defined through tag bindings.

May 11, 2022

Change

(2022-R11) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.11-gke.900 is now the default version.
  • The following control plane versions are no longer available:
    • 1.21.6-gke.1503
    • 1.21.9-gke.300
    • 1.21.9-gke.1001
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.18 to1.19.16-gke.9900 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.19 to1.19.16-gke.9900 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.23 to1.23.5-gke.1501 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.11-gke.900 is now the default version in the Regular channel.

  • The following versions are now available in the Regular channel:

  • The following versions are no longer available in the Regular channel:

    • 1.20.15-gke.5000
    • 1.21.6-gke.1503

  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.19 to1.20.15-gke.5200 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.20 to1.21.11-gke.900 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.21 to1.21.11-gke.900 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.8-gke.2200 is now the default version in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.21 to1.22.8-gke.2200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.22 to1.22.8-gke.2200 with this release.

May 10, 2022

Feature

Theeurope-southwest1 region in Madridis now available.

May 04, 2022

Feature

Spot VMs on GKE is now generally available. Spot VMs let you run fault-tolerant workloads at lower costs.

Feature

Spot Pods for GKE Autopilot clusters is now generally available. Use Spot Pods to run your fault-tolerant workloads at reduced costs.

May 03, 2022

Change

(2022-R10) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

  • Version1.21.10-gke.2000 is now the default version in the Stable channel.

  • The following versions are now available in the Stable channel:

  • The following versions are no longer available in the Stable channel:

    • 1.19.16-gke.9200
    • 1.20.15-gke.2500

  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.18 to1.19.16-gke.9400 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.19 to1.19.16-gke.9400 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.20 to1.21.10-gke.2000 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.22 to1.22.8-gke.200 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
Feature

Theeurope-west9 region in Parisis now available.

April 27, 2022

Security

Two security vulnerabilities,CVE-2022-1055 andCVE-2022-27666 have been discovered in the Linux kernel. Each can lead to a local attacker being able to perform a container breakout, privilege escalation on the host, or both. These vulnerabilities affect all GKE node operating systems (Container-Optimized OS and Ubuntu). For instructions and more details, see theGCP-2022-014 security bulletin.

April 21, 2022

Change

(2022-R9) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.10-gke.2000 is now the default version.
  • The following control plane and node versions are now available:
  • The following control plane versions are no longer available:
    • 1.19.16-gke.8300
    • 1.20.15-gke.1000
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.18 to version1.19.16-gke.9200 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.19 to version1.20.15-gke.3400 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.20 to version1.20.15-gke.3400 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.21 to version1.21.10-gke.2000 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

  • Version1.21.10-gke.2000 is now the default version in the Stable channel.

  • The following versions are now available in the Stable channel:

  • The following versions are no longer available in the Stable channel:

    • 1.19.16-gke.9200
    • 1.20.15-gke.2500

  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.18 to1.19.16-gke.9400 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.19 to1.19.16-gke.9400 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.20 to1.21.10-gke.2000 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.22 to1.22.8-gke.200 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.10-gke.2000 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • Version 1.20.15-gke.3600 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.18 to version1.19.16-gke.9200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.19 to version1.20.15-gke.4100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.20 to version1.21.10-gke.2000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.21 to version1.21.10-gke.2000 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.21.10-gke.2000
    • 1.22.7-gke.900
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.18 to version1.19.16-gke.9200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.19 to version1.20.15-gke.2500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to version1.21.11-gke.900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.21.11-gke.900 with this release.

April 20, 2022

Feature

Theeurope-west8 region in Milanis now available.

April 13, 2022

Security

A security vulnerability, CVE-2022-23648, has been discovered in containerd's handling of pathtraversal in the OCI image volume specification. Containers launched through containerd's CRIimplementation with a specially-crafted image configuration could gain full read access toarbitrary files and directories on the host. This vulnerability may bypass any policy-basedenforcement on container setup (including a Kubernetes Pod Security Policy). Thisvulnerability affects all GKE node operating systems(Container-Optimized OS and Ubuntu) which use containerd by default. AllGKE, Autopilot, and GKE Sandbox nodes are affected.

For more information, see theGCP-2022-013 security bulletin.

Feature

Egress NAT policy to configure IP masquerade is now generally available on GKE Autopilot clusters with Dataplane v2 in versions 1.22.7-gke.1500+ or 1.23.4-gke.1600+. For configuration examples of Egress NAT policy, seeEgress NAT Policy documentation.

April 11, 2022

Change

(2022-R8) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.15-gke.2500 is now the default version in the Stable channel.
  • The following versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.19.16-gke.6800
    • 1.20.15-gke.300
    • 1.21.5-gke.1805
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.18 to version1.19.16-gke.8300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.19 to version1.20.15-gke.2500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.20 to version1.20.15-gke.2500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.21 to version1.21.10-gke.2000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.15-gke.3600 is now available in the Regular channel.
  • Version 1.20.15-gke.2500 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.18 to version1.19.16-gke.8300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.19 to version1.20.15-gke.3600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.20 to version1.21.6-gke.1503 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.8-gke.200 is now the default version in the Rapid channel.
  • Version1.21.11-gke.900 is now available in the Rapid channel.
  • The following versions are no longer available in the Rapid channel:
    • 1.21.10-gke.1500
    • 1.22.7-gke.300
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.18 to version1.19.16-gke.8300 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.19 to version1.20.15-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to version1.21.10-gke.2000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to version1.22.8-gke.200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to version1.22.8-gke.200 with this release.

April 08, 2022

Security

A security vulnerability, CVE-2022-0847, has been discovered in the Linux kernel version 5.8 and later that can potentially escalate container privileges to root.

For more information, see theGCP-2022-012 security bulletin.

March 31, 2022

Change

(2022-R7) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.7-gke.1500 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.21.10-gke.1300
    • 1.23.4-gke.1600
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to1.21.10-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.21 to1.21.10-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.23 to1.23.5-gke.200 with this release.

March 22, 2022

Security

There is a misconfiguration with Simultaneous Multi-Threading (SMT), also known as Hyper-threading, on GKE Sandbox images. The misconfiguration leaves nodes potentially exposed to side channel attacks such as Microarchitectural Data Sampling (MDS) (for more context, seeGKE Sandbox documentation).We do not recommend using the following affected versions:

  • 1.22.4-gke.1501
  • 1.22.6-gke.300
  • 1.23.2-gke.300
  • 1.23.3-gke.600

For instructions and more details, see theGKE security bulletin.

March 21, 2022

Change

(2022-R6) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.15-gke.1000 is now the default version in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded fromversion 1.19 to1.20.15-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded fromversion 1.20 to1.20.15-gke.1000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.7-gke.900 is now the default version in the Rapid channel.

  • The following versions are now available in the Rapid channel:

  • The following versions are no longer available in the Rapid channel:

    • 1.21.10-gke.400
    • 1.22.6-gke.1500
    • 1.23.4-gke.1300

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded fromversion 1.20 to1.21.10-gke.1300 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded fromversion 1.21 to1.21.10-gke.1300 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded fromversion 1.22 to1.22.7-gke.300 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded fromversion 1.23 to1.23.4-gke.1600 with this release.

March 16, 2022

Feature

Starting in GKE version 1.22, theCompute Engine persistent disk CSI driver is generally available for Windows clusters.

March 15, 2022

Fixed

The following GKE versions fix aknown issue in which random TCP connection resets might happen for GKE nodes that use Container-Optimized OS with Docker (cos). To fix the issue, upgrade your nodes to any of these versions:

  • 1.20.15-gke.3400 and later
  • 1.21.10-gke.1300 and later
  • 1.22.7-gke.1300 and later
  • 1.23.4-gke.1300 and later

March 14, 2022

Change

(2022-R5) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.9-gke.1002 is now the default version.

  • The following control plane and node versions are now available:

  • The following control plane versions are no longer available:

    • 1.19.16-gke.3600
    • 1.20.11-gke.1300
    • 1.20.11-gke.1801
    • 1.22.4-gke.1501

  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.18 to1.19.16-gke.6100 with this release.

  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.19 to1.20.15-gke.300 with this release.

  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.20 to1.20.15-gke.300 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.15-gke.300 is now the default version in the Stable channel.

  • The following versions are now available in the Stable channel:

  • The following versions are no longer available in the Stable channel:

    • 1.19.16-gke.3600
    • 1.20.11-gke.1801

  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded fromversion 1.18 to1.19.16-gke.6100 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded fromversion 1.19 to1.20.15-gke.300 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded fromversion 1.20 to1.20.15-gke.300 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.9-gke.1002 is now the default version in the Regular channel.
  • Version1.20.15-gke.1000 is now available in the Regular channel.
  • Version 1.20.15-gke.300 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded fromversion 1.19 to1.20.15-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded fromversion 1.20 to1.21.9-gke.1002 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded fromversion 1.21 to1.21.9-gke.1002 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.7-gke.300 is now the default version in the Rapid channel.

  • The following versions are now available in the Rapid channel:

  • The following versions are no longer available in the Rapid channel:

    • 1.21.9-gke.1002
    • 1.22.6-gke.1000
    • 1.23.4-gke.300

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded fromversion 1.20 to1.21.10-gke.400 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded fromversion 1.21 to1.21.10-gke.400 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded fromversion 1.22 to1.22.6-gke.1500 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded fromversion 1.23 to1.23.4-gke.1300 with this release.

Issue

If you specify--enable-dataplane-v2 in a Windows LTSC node pool running GKE version 1.22.7-gke.1300, Windows nodes cannot join the cluster.

March 10, 2022

Feature

In GKE version 1.23.2-gke.300 and later, you can now usenetwork tags to dynamically apply firewall rules to nodes in your GKE Autopilot clusters and auto-provisioned GKE Standard node pools without disrupting running workloads.

March 09, 2022

Fixed

The following GKE versions fix aknown issue in which theCAP_NET_BIND_SERVICE file capability was dropped from themetrics-server. To fix the issue, upgrade your control plane to any of these versions:

  • 1.21.9-gke.1002 and later
  • 1.21.10-gke.400 and later
  • 1.22.6-gke.300 and later
  • 1.22.7-gke.300 and later
  • 1.22.7-gke.900 and later
  • 1.23.4-gke.300 and later

March 08, 2022

Deprecated

Setting a minimum CPU platform for node pools created by node auto-provisioning using theautoscaling.autoprovisioning_node_pool_defaults.min_cpu_platform field is deprecated. This field will be removed in a future release. In GKE versions 1.23 and later, you can request a minimum CPU platform at the workload level using a node selector or node affinity rule forcloud.google.com/requested-min-cpu-platform. For instructions, refer toMinimum CPU platform.

March 07, 2022

Change

(2022-R4) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.6-gke.1500 is now the default version in the Rapid channel.

  • The following versions are now available in the Rapid channel:

  • The following versions are no longer available in the Rapid channel:

    • 1.21.9-gke.300
    • 1.21.9-gke.1001
    • 1.22.4-gke.1501
    • 1.22.6-gke.300
    • 1.23.3-gke.1100

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.20 to1.21.9-gke.1002 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to1.21.9-gke.1002 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.22 to1.22.6-gke.1000 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.23 to1.23.4-gke.300 with this release.

Feature

Identity Service for GKE is now generally available. You can authenticate to GKE clusters with external identity providers that use OpenID Connect (OIDC).

March 04, 2022

Security

Some unexpected paths to access the node VM on GKE Autopilot clusters could have been used to escalate privileges in the cluster. These issues have been fixed andno further action is required. The fixes address issues reported through ourVulnerability Reward Program.

For instructions and more details, see theGCP-2022-009 security bulletin.

Change

Public clusters created on GKE versions 1.22 and later, and created between October 28, 2021 and February 17, 2022 usePrivate Service Connect (PSC). Therefore, each control plane is assigned to a private IP address from the cluster node subnet.

For public clusters created outside of this time frame or with a different GKE version, the control plane has a public IP address by default.

February 25, 2022

Security

The Envoy project recently discovered a set of vulnerabilities. All issues listed below are fixed in Envoy release 1.21.1.

For more information, see theGCP-2022-008 security bulletin.

February 24, 2022

Change

(2022-R3) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.16-gke.3600 is now available in the Stable channel.
  • Version1.21.5-gke.1805 is now available in the Stable channel.
  • The following versions are no longer available in the Stable channel:
    • 1.19.15-gke.1801
    • 1.21.5-gke.1802
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.21 to1.21.5-gke.1805 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.6-gke.1503 is now the default version in the Regular channel.
  • Version1.21.5-gke.1805 is now available in the Regular channel.
  • Version1.21.6-gke.1503 is now available in the Regular channel.
  • Version1.22.4-gke.1501 is now available in the Regular channel.
  • The following versions are no longer available in the Regular channel:
    • 1.20.11-gke.1801
    • 1.21.5-gke.1802
    • 1.21.6-gke.1500
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.20 to1.21.6-gke.1503 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.21 to1.21.6-gke.1503 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.22 to1.22.4-gke.1501 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.6-gke.300 is now the default version in the Rapid channel.
  • Version1.21.9-gke.1001 is now available in the Rapid channel.
  • Version1.22.6-gke.1000 is now available in the Rapid channel.
  • Version1.22.6-gke.1500 is now available in the Rapid channel.
  • Version1.23.3-gke.1100 is now available in the Rapid channel.
  • The following versions are no longer available in the Rapid channel:
    • 1.21.6-gke.1500
    • 1.22.3-gke.700
    • 1.22.3-gke.1500
    • 1.23.2-gke.300
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to1.21.9-gke.1001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.21 to1.21.9-gke.1001 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.23 to1.23.3-gke.1100 with this release.
Issue

GKE nodes that use Container-Optimized OS with Docker (cos) may experience random TCP connection resets when two pods on the same node communicate using a Kubernetes ClusterIP Service.

For more information, seeGKE Node images known issues.

February 22, 2022

Feature

GKE Gateway traffic management is now in Preview for GKE 1.22 and later version clusters. You can nowautoscale Pods ordynamically shift traffic between clusters based on Service traffic capacity.

February 17, 2022

Issue

Kubernetes Network Policy API allows specifying range of ports (seeKEP on port ranges) on which the policy is enforced in GKE 1.22 and later versions. If you specifyendPort field in a Network Policy, it might not take effect in Dataplane V2 based on the cluster configuration. This API will be supported in Calico Network Policy enabled clusters but not in Dataplane V2 clusters.

For more information, seeGKE Dataplane V2 known issues.

February 15, 2022

Security

A security vulnerability,CVE-2022-0492, has been discovered in the Linux kernel'scgroup_release_agent_write function. The attack uses unprivileged user namespaces, and under certain circumstances, this vulnerability can be exploitable for container breakout.

For more information, see theGCP-2022-006 security bulletin.

February 14, 2022

Deprecated

Kubernetes 1.23 is now available in the Rapid channel. Before upgrading, read theKubernetes 1.23 Release Notes,especially the action required and deprecationsections. Also, read the guide forensuring compatibility of webhook and aggregated API server certificates before the upgrade.

February 11, 2022

Security

A security vulnerability,CVE-2021-43527, has been discovered in any binary that links to the vulnerable versions of libnss3 found in NSS (Network Security Services) versions prior to 3.73 or 3.68.1.

Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS.

For more information, see theGCP-2022-005 security bulletin.

February 10, 2022

Fixed

Versions 1.21.9-gke.300, 1.22.6-gke.300, and 1.23.2-gke.300 contain a fix for a race condition which could result in erroneously detaching all endpoints from network endpoint groups for a short period.

February 04, 2022

Security

A security vulnerability,CVE-2021-4034, has been discovered in pkexec, a part of the Linux policy kit package (polkit), that allows an authenticated user to perform a privilege escalation attack. PolicyKit is generally used only on Linux desktop systems to allow non-root users to perform actions such as rebooting the system, installing packages, restarting services etc, as governed by a policy. GKE clusters arenot affected.

For instructions and more details, see theGCP-2022-004 security bulletin.

Change

You will not be able to create new node pools that use a Docker node image starting with GKE v1.23 when:

  • Creating a new cluster,
  • Adding a node pool to an existing cluster, or
  • Using Node Auto-provisioning (NAP) with--autoprovisioning-image-type set to Docker node images.
  • For existing clusters, you will also not be able to change the value of--autoprovisioning-image-type to Docker node images.

If you are upgrading your GKE clusters from GKE v1.22 to v1.23, then you will be able to continue using:

  • Docker node pools that were configured before the upgrade.
  • Cluster Autoscaler on Docker node pools.
  • Node Auto-provisioning (NAP) with--autoprovisioning-image-type set to Docker node images if it was configured before upgrading to v1.23. However, we highly recommend you to migrate to GKE node images that use the Containerd container runtime.

For your reference, below are the GKE node images for the Containerd and Docker container runtimes:

  • Containerd container runtime (recommended):cos_containerd,ubuntu_containerd,windows_ltsc_containerd,windows_sac_containerd
  • Docker container runtime (unsupported starting with v1.24):cos,ubuntu,windows_ltsc,windows_sac

Containerd is the default runtime on GKE. Most user workloads do not have dependencies on the container runtime. Support for Docker as a container runtime on Kubernetes nodes will be removed from OSS Kubernetes and GKE starting with v1.24. If you use a node image based on Docker container runtime, please migrate your GKE workloads to a Containerd node image as soon as possible. For more details, seeContainerd node images.

February 03, 2022

Change

(2022-R02) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.3-gke.1500 is now available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.19 to1.20.12-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.20 to1.21.6-gke.1500 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.4-gke.1501 is now the default version in the Rapid channel.
  • Version1.21.9-gke.300 is now available in the Rapid channel.
  • Version1.22.6-gke.300 is now available in the Rapid channel.
  • Version1.23.2-gke.300 is now available in the Rapid channel.
  • Version 1.21.5-gke.1802 is no longer available in the Rapid channel.
  • Version 1.23.1-gke.500 is no longer available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to1.21.6-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.21 to1.21.6-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.22 to1.22.4-gke.1501 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.23 to1.23.2-gke.300 with this release.

February 02, 2022

Security

Three security vulnerabilities,CVE-2021-4154,CVE-2021-22600, andCVE-2022-0185 have been discovered in the Linux kernel, each of which can lead to either a container breakout, privilege escalation on the host, or both. These vulnerabilities affect all GKE node operating systems and Anthos clusters on VMware node operating systems (COS and Ubuntu).

Pods usingGKE Sandbox are not vulnerable to these vulnerabilities. For more information, see theGCP-2022-002 security bulletin.

January 31, 2022

Feature

In GKE, you can now filter Pub/Sub cluster notifications by notification type.For more information, seeReceive cluster notifications.

Feature

When creating a maintenance exclusion window, you can restrict the exclusion tospecify types of maintenance. For example, during a specific time period you canexclude minor upgrades from occurring on your cluster. For more information, seeMaintenance exclusions documentation.

January 27, 2022

Change

Starting with GKE version 1.23.0, if a Kubernetes event is created usingk8s.io/api/core/v1, theLastTimestamp field is used as the timestamp of thecorresponding event log if the field is non-empty. Otherwise, the timestampfield will be unset and will be determined by Cloud Logging.

If a Kubernetes event is created usingk8s.io/api/events/v1, theSeries.LastObservedTime field is used as the timestamp of the correspondingevent log if the field is non-empty. Otherwise, the timestamp field will beunset and will be determined by Cloud Logging. An event created withk8s.io/api/events/v1 will be converted tok8s.io/api/core/v1 before exporting toCloud Logging.

Log payload of an event log will contain theLastTimestamp field fromk8s.io/api/core/v1 Event API. If an event is created usingk8s.io/api/events/v1,the value of this field will benull. Instead, use theSeries.LastObservedTimefield in the log payload.

January 21, 2022

Change

(2022-R01) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.6-gke.1500 is now the default version.
  • Control plane and node version1.19.16-gke.3600 is now available.
  • The following control plane versions are no longer available:
    • 1.19.15-gke.1300
    • 1.20.10-gke.1600
    • 1.20.10-gke.2100
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.18 to1.19.15-gke.1801 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.19 to1.20.12-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.20 to1.20.12-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.21 to1.21.5-gke.1802 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.12-gke.1500 is now the default version in the Stable channel.
  • Version1.21.5-gke.1802 is now available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.19 to1.20.12-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.20 to1.20.12-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.21 to1.21.5-gke.1802 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.6-gke.1500 is now the default version in the Regular channel.
  • Version1.21.6-gke.1500 is now available in the Regular channel.
  • Version 1.21.5-gke.1302 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.20 to1.21.6-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.21 to1.21.6-gke.1500 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.3-gke.1500 is now the default version in the Rapid channel.
  • Version1.22.4-gke.1501 is now available in the Rapid channel.
  • Version1.23.1-gke.500 is now available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to1.21.5-gke.1802 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.21 to1.21.5-gke.1802 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.22 to1.22.3-gke.1500 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.23 to1.23.1-gke.500 with this release.
Issue

Clusters running GKE node versions 1.19.16-gke.1500 and 1.19.16-gke.3600 will beunstable if Container Threat Detection (KTD) is enabled. To use KTD, create thecluster with the most recent 1.19.15 version or any GKE version 1.20 or later. If yourequire GKE version 1.19.16-gke.1500 or 1.19.16-gke.3600, you should disable KTDon the cluster using theCloud Security Command Center Advanced Settingsbefore creating or upgrading nodes to these versions

Deprecated

Deprecated API versions

These APIs are still served in version 1.23 but are in a deprecation period:

  • PodSecurityPolicy
    • policy/v1beta1 PodSecurityPolicy
    • Deprecated in 1.21 withremoval targeted for version 1.25.
  • The following Beta versions of graduated APIs will beremoved in 1.25 in favor of their GA versions:
    • discovery.k8s.io/v1beta1 EndpointSlice, deprecated since 1.21
    • policy/v1beta1 PodDisruptionBudget, deprecated since 1.21
    • batch/v1beta1 CronJob, deprecated since 1.21
    • node.k8s.io/v1beta RuntimeClass
    • autoscaling/v2beta1 HorizontalPodAutoscaler
  • The following Beta versions of graduated APIs will beremoved in 1.26 in favor of newer versions:
    • flowcontrol.apiserver.k8s.io/v1beta1 FlowSchema, PriorityLevelConfiguration
      • deprecated since 1.23
      • use flowcontrol.apiserver.k8s.io/v1beta2 instead, available since 1.23
    • autoscaling/v2beta2 HorizontalPodAutoscaler
      • deprecated since 1.23
    • use autoscaling/v2 instead, available since 1.23 (or autoscaling/v1)
Change

New API versions

  • flowcontrol.apiserver.k8s.io/v1beta2 FlowSchema, PriorityLevelConfiguration
  • autoscaling/v2 HorizontalPodAutoscaler
Feature

Notable features

Beta: PodSecurity admission

PodSecurity replaces the deprecatedPodSecurityPolicy admission controller(which will be removed in 1.25).PodSecurity is an admission controller thatenforcesPod Security Standardson Pods in a Namespace based on specific namespace labels that set theenforcement level. In 1.23, the PodSecurity feature is enabled by default, andapplies to namespaces that opt into enforcement. Refer to thePodSecurity documentationandPodSecurityPolicy migration guidefor more information.

Change

1.23 is now available in the Rapid channel

Kubernetes 1.23 is now available in the Rapid channel. Before upgrading, readtheKubernetes 1.23 Release Notes,especially the action required and deprecation sections.

Change

Notable changes and bug fixes

Kubernetes 1.23 is built with go1.17, which requires aggregated API servers,admission webhooks, and custom resource conversion webhooks to use TLScertificates that include the service DNS name as a subjectAltName.

  • Before upgrading to 1.23, ensure any non-local aggregated API servers,admission webhooks, and custom resource conversion webhooks in your clusterare served using valid TLS certificates.

  • At cluster version 1.22.3-gke.700 or higher, GKE provides a Cloud Audit log tocheck if your cluster contains an affected service. You can use the followingfilter to search for the logs:

    logName: "projects/$PROJECT/logs/cloudaudit.googleapis.com%2Factivity"resource.type = "k8s_cluster"operation.producer = "k8s.io""invalid-cert.webhook.gke.io"

  • If you are not affected you won't see any logs. If you do see such an auditlog, it will include the name of the service (whether webhook or aggregatedAPI).

January 20, 2022

Feature

A new kubernetes metric,Network policy event count(kubernetes.io/pod/network/policy_event_count), is available (beta) forGKE Dataplane V2 clusters in GKE versions 1.22.3-gke.700 and later.

This metric can be viewed in the Metrics Explorer in Cloud Monitoring forresource type, Kubernetes Pod.

This metric provides visibility intonetwork policy events and shows theChange in the number of network policy events seen inthe dataplane, each event has the following metric labels:

  • verdict: Policy verdict, possible values: [allow, deny].
  • workload_kind: Kind of the workload, policy-enforced-pod belongs to, forexample, "Deployment", "Replicaset", "StatefulSet", "DaemonSet", "Job", or"CronJob".
  • workload_name: Name of the workload, policy-enforced-pod belongs to.
  • direction: Direction of the traffic from the point of view ofpolicy-enforced-pod, possible values: [ingress, egress].

In addition to these metric labels, customers can also see usual resource labelsfor resource type, Kubernetes Pod:project_id, location, cluster_name,namespace_name, and pod_name.

This metric can be used for setting up automated alerts for specific behaviors(denials higher than a threshold), identifying security issues, gaining betterunderstanding of traffic flow, and troubleshooting.

Feature

VPC-scoped DNS for GKE using Cloud DNS is now generally available for GKE versions 1.21 and later. This allows for seamless VPC-wide DNS resolution of GKE Services. Note that cluster-scoped DNS using Cloud DNS is still in public preview.

January 17, 2022

Feature

Now available inPreview: Use acompact placement policy to specify that nodes within the node pool should be placed in closer physical proximity to each other within a zone. Having nodes closer to each other can reduce network latency between nodes, which can be useful for tightly-coupled batch workloads.

December 20, 2021

Change

For GKE versions 1.21 and later, newly created clusters will have theDenyServiceExternalIPs admission controller enabled by default, disabling the use of ExternalIPs Services.

For existing clusters, when you upgrade the cluster to GKE version 1.21 or later, the DenyServiceExternalIPs admission controller will not be enabled. Since ExternalIPs Services are not widely used, we recommend manually auditing any external IP usage. You can choose to block ExternalIPs by using the following command:

gcloudcontainerclustersupdate--no-enable-service-externalips

For more information, refer toHardening your cluster's security.

Fixed

A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs.

This issue is fixed in the following GKE versions:

  • 1.22.3-gke.1100 or above
  • 1.21.6-gke.700 or above
  • 1.20.12-gke.700 or above
  • 1.19.16-gke.700 or above

For more information about the CVE, refer toCVE-2021-41103.

December 14, 2021

Issue

File capabilityCAP_NET_BIND_SERVICE required bymetrics-server to bind privileged port443 is dropped in clusters that enable PodSecurityPolicy and use the Ubuntu with Docker container runtime in node pools. As a result,metrics-server fails to bootstrap and autoscaling functionality fails to function. All 1.21 and 1.22 node versions are impacted. This issue will be fixed in a future release. Automatic node upgrades from GKE version 1.20 to 1.21 will be halted until this issue is fixed.

December 09, 2021

Change

GKE version 1.22.3-gke.1500 and later supportuser impersonation for all user-defined users and groups. System users and groups such as thekube-apiserver user and thesystem:masters group cannot be impersonated.

December 06, 2021

Change

(2021-R34) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.22.3-gke.700 is now the default version in the Rapid channel.
  • The following control plane and node versions are now available in theRapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.21.5-gke.1302, 1.22.2-gke.1901
Fixed

The following GKE versions fixCalico issue #4710 andCalico issue #4518, related to Pod graceful termination, in GKE clusters with Calico Network Policy enabled:

  • 1.19.16-gke.100 and later
  • 1.20.11-gke.1300 and later
  • 1.21.4-gke.1500 and later

For more information about the resolved issue, see theknown issues page.

Deprecated

PodSecurityPolicy (beta) wasdeprecated in Kubernetes 1.21 and is scheduled for shutdown in 1.25. For alternatives, refer toPodSecurityPolicy deprecation.

December 03, 2021

Change

The2021-R32release notes from October 29, 2021 were updated on December 03, 2021 with revisions to the upgradeversions for control plane and nodes in Rapid, Regular, Stable, and No Channel.

See therevision notefor further details.

December 02, 2021

Fixed

The following GKE versions contain an issue that might affect workloads that useGKE Sandbox:

  • 1.19.14-gke.301, 1.19.14-gke.1900, 1.19.14-gke.2300, 1.19.15-gke.500, 1.19.15-gke.1300, 1.19.15-gke.1801
  • 1.20.10-gke.301, 1.20.10-gke.1600, 1.20.10-gke.2100, 1.20.11-gke.1300, 1.20.11-gke.1801
  • 1.21.4-gke.2300, 1.21.4-gke.2302, 1.21.5-gke.1300, 1.21.5-gke.1302, 1.21.5-gke.1802
  • 1.22.2-gke.1901

What do I need to know?

Applications that use thexmm15 register and receive a signal or hit a pagefault while the register is in use might have the register corrupted, leading tounpredictable application behavior. The security of the sandbox is notcompromised.

What do I need to do?

Upgrade to one of the following GKE versions that fix the issue:

  • 1.19.16-gke.1500 or later
  • 1.20.12-gke.1500 or later
  • 1.21.6-gke.1500 or later
  • 1.22.3-gke.700 or later

November 19, 2021

Change

The2021-R33release notes forNo channel were updated with the following additions:

  • The following control plane and node versions are now available:
    • 1.19.16-gke.1500
    • 1.20.12-gke.1500
    • 1.21.6-gke.1500

November 16, 2021

Feature

Thesouthamerica-west1 region in Santiago, Chile is now available.

November 15, 2021

Change

2021-11-19 update: Added new control plane and node versions for the 2021-R33 release inNo channel.

Change

(2021-R33) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.5-gke.1302 is now the default version in the Regular channel.
  • Version1.20.11-gke.1801 is now available in the Regular channel.
  • Version 1.20.10-gke.1600 is no longer available in the Regular channel.
  • The following control planes and nodes with auto-upgrade enabled in theRegular channel will be upgraded with this release:

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

November 12, 2021

Fixed

The release onSeptember 17, 2021 (2021-R29)fixed CVEs in the Compute Engine PD CSI driver for the cluster minor version1.18. The fixes are available in GKE version 1.18.20-gke.5900 and later.

The following CVEs were fixed: CVE-2021-3712, CVE-2021-3580, CVE-2021-33910,CVE-2020-29361, CVE-2020-29362, CVE-2021-24031, CVE-2021-3711, CVE-2021-20305,CVE-2020-24659, CVE-2021-24032, CVE-2021-20231, CVE-2021-20232, CVE-2021-33560,CVE-2020-29363, CVE-2021-3520, and CVE-2020-27350.

Change

Legacy networks that contain GKE clusters can be converted to VPC networks, if the required control plane and node pool upgrades are performed. This feature is available inPreview. For more information, seeSingle-region conversion tool.

November 09, 2021

Feature

For GKE Autopilot clusters,Spot Pods are now available inPreview. Spot Pods let you run fault-tolerant workloads at lower costs.

November 04, 2021

Feature

You can now use image streaming in GKE to reduce image pull time and improve overall application startup and autoscaling performance. For more information, seeUse image streaming to pull container images.

October 29, 2021

Change

Revisions for 2021-R32

2021-12-03 update: Revised upgrade versions. Control planes and nodes withauto-upgrade enabled will be upgraded in the following channels:

Change

(2021-R32) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.10-gke.1600 is now the default version in the Stable channel.
  • Version1.19.15-gke.500 is now available in the Stable channel.
  • The following versions are no longer available in the Stable channel:
    • 1.19.13-gke.1900
    • 1.20.10-gke.301
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.18 to1.19.14-gke.1900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.19 to1.20.10-gke.1600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.20 to1.20.10-gke.1600 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.10-gke.1600 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.20.9-gke.1001
    • 1.20.10-gke.301
    • 1.21.3-gke.2001
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.19 to1.20.10-gke.1600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.20 to1.20.10-gke.1600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.21 to1.21.3-gke.2003 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.5-gke.1302 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.21.4-gke.2300
    • 1.21.5-gke.1300
    • 1.22.2-gke.1300
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to1.21.5-gke.1302 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.21 to1.21.5-gke.1302 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.22 to1.22.2-gke.1901 with this release.

October 28, 2021

Change

GKE public clusters versions 1.22 and later created on or after October 28, 2021, will move to usingPrivate Service Connect (PSC) for private control plane communication. There is no price increase for using GKE public clusters running on PSC, however, there will be a SKU change. This change does not apply to public clusters usinglegacy networks.

Issue

In clusters running GKE version 1.21.0-gke.1000 and later, the destination IP address and port of the GKE metadata server has changed. If you have a cluster network policy and you use Workload Identity, you should update your network policy to allow access to the following destination IP addresses and ports. To avoid disruptions during auto-upgrades, allow access to all these destination address and destination port combinations in your network policy. For more information, seeUnderstanding the GKE metadata server.

GKE versionGKE metadata server address
Prior to 1.21.0-gke.1000127.0.0.1:987 and127.0.0.1:988
1.21.0-gke.1000 and later169.254.169.252:987 and169.254.169.252:988

October 27, 2021

Feature

In GKE version 1.22 and later, GKE cluster autoscaler and node auto-provisioning will support working on empty (zero node) clusters, and will support scaling down nodes with pods requesting local storage.

October 21, 2021

Feature

For GKE Autopilot clusters,CMEK for boot disksand CMEK forapplication-layer encryptionis now generally available.

Feature

For GKE Autopilot clusters,Google Groups for RBAC is now generally available.

Security

A security issue was discovered in the Kubernetes ingress-nginx controller,CVE-2021-25742. Ingress-nginx custom snippets allows retrieval of ingress-nginx service account tokens and secrets across all namespaces. For more information, see theGCP-2021-024 security bulletin.

October 15, 2021

Change

(2021-R31) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.13-gke.1900 is now the default version in the Stable channel.

  • The following versions are now available in the Stable channel:

  • Version 1.19.13-gke.1200 is no longer available in the Stable channel.

  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.19 to1.19.13-gke.1900 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.4-gke.2300 is now the default version in the Rapid channel.

  • The following versions are now available in the Rapid channel:

  • The following versions are no longer available in the Rapid channel:

    • 1.21.4-gke.1801
    • 1.22.1-gke.1602

  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.21 to1.21.4-gke.2300 with this release.

  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.22 to1.22.2-gke.1300 with this release.

Issue

GKE Windows clusters using the persistent disk CSI driver ​might experience volume mount issues with existingPersistentVolumeClaim orPersistentVolume resources if upgraded to one the following versions. Please do not upgrade your Windows node pools to the following versions in the Rapid channel:

  • 1.22.1-gke.1602 or later

The fix will be available in a future GKE 1.22 release.

October 14, 2021

Issue

StatefulSet Pods in Calico Network Policy enabled GKE clusters might experience connectivity issues in aTerminating state in the following GKE versions:

  • 1.18
  • 1.19
  • 1.20 to 1.20.11-gke.1299
  • 1.21 to 1.21.4-gke.1499

To mitigate this issue, upgrade your GKE control plane to GKE version1.21.4-gke.1500 or later.
For more information, see theknown issueandCalico issue #4710.

October 13, 2021

Fixed

The following GKE versions fix containerd issue#5438. This issue caused pod IP address leaks which exhaust the IP addresses of containerd based nodes.

  • 1.19.14-gke.1500 or later
  • 1.20.10-gke.1500 or later
  • 1.21.4-gke.1600 or later

For more information, see the Containerd node imagesknown issues.

October 12, 2021

Feature

Spot VMs on GKE is now available inPreview.

Fixed

With GKE version 1.19 and later, the CPU and memory usage of gke-metrics-agent have been optimized. With this change, Out Of Memory (OOM) crashes are reduced significantly.

If you are on GKE version 1.18 and earlier, you will need to upgrade your clusters to version 1.19 or later.

October 04, 2021

Feature

GKE version 1.20.8-gke.2100 or later offers aPreview of a fully managed metric collection pipeline to scrape Prometheus-style metrics exposed by any GKE workload and send those metrics to Cloud Monitoring for dashboards, alerts, and SLOs. Compared to the Prometheus Stackdriver sidecar, this new pipeline is easy to set up, allows filtering to control cost, supports larger clusters, is fully managed, supports Autopilot and horizontal Pod autoscaling, and offers better pricing. Get started withGKE workload metrics.

October 01, 2021

Change

(2021-R30) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.10-gke.301 is now the default version.
  • The following control plane and node versions are now available:
  • The following control plane versions are no longer available:
    • 1.18.20-gke.3001
    • 1.18.20-gke.3300
    • 1.18.20-gke.4100
    • 1.18.20-gke.4501
    • 1.18.20-gke.6000
    • 1.19.12-gke.2101
    • 1.20.8-gke.2101
    • 1.20.9-gke.701
    • 1.20.9-gke.1000
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.19 to1.19.13-gke.1200 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.20 to1.20.10-gke.301 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.21 to1.21.3-gke.2001 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.13-gke.1200 is now the default version.
  • The following control plane and node versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.19.13-gke.701
    • 1.20.9-gke.1000
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded fromversion 1.19 to1.19.13-gke.1200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded fromversion 1.19 to1.20.9-gke.1001 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.10-gke.301 is now the default version in the Regular channel.
  • Version1.21.3-gke.2001 is now available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded fromversion 1.20 to1.20.10-gke.301 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded fromversion 1.21 to1.21.3-gke.2001 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.4-gke.1801 is now the default version in the Rapid channel.
  • The following control plane and node versions are now available in the Rapidchannel:
  • Version 1.21.4-gke.301 is no longer available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded fromversion 1.21 to1.21.4-gke.1801 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded fromversion 1.22 to1.22.1-gke.1602 with this release.
Issue

1.20 clusters with legacy ABAC authorization enabled should not upgrade to 1.21 until 1.21.4-gke.2500+ is available.

Change

Notable changes and bug fixes in 1.22

  • TheterminationGracePeriodSeconds field on pod specs and container probesshould not be negative. Negative values ofterminationGracePeriodSecondswill be treated as the value1 on the delete path. Immutable fieldvalidation will be relaxed in order to update negative values. In a futurerelease, negative values will not be permitted. (#98866)

  • As a mitigation forCVE-2021-25740,newly created Kubernetes 1.22 clusters no longer include write access to theEndpoints API in theedit andadmin roles by default. Existing clustersupgraded to Kubernetes 1.22 retain previous permissions in those roles. Forinstructions to re-add Endpoints write access to theedit andadminroles in newly created 1.22 clusters, refer to theRBAC documentation.

Change

1.21 is now generally available

Kubernetes version 1.21 is now generally available. Before upgrading, read theKubernetes 1.21 Release Notes, especially the action required and deprecation sections.

Deprecated

Deprecated API versions

These APIs are still served in version 1.22 but are in a deprecation period, andwill be removed in 1.25:

  • PodSecurityPolicy
    • policy/v1beta1 PodSecurityPolicy
    • Deprecated in 1.21 withremoval targeted for version 1.25.
  • The following Beta versions of graduated APIs will beremoved in 1.25 in favor of their GA versions:
    • discovery.k8s.io/v1beta1 EndpointSlice, deprecated since 1.21
    • policy/v1beta1 PodDisruptionBudget, deprecated since 1.21
    • batch/v1beta1 CronJob, deprecated since 1.21
Change

New API versions in 1.22

Thepods/eviction subresource now acceptspolicy/v1 eviction requests inaddition topolicy/v1beta1 eviction requests(#100724)

Feature

Notable features in 1.22

GA: Server-side Apply

Server-side Apply is a new object merge algorithm, as well as tracking of fieldownership, running on the Kubernetes API server. Server-side Apply helps usersand controllers create and modify their resources via declarative configurationsby sending their fully specified intent. Refer toserver-side applydocumentation for more information. Improvements in 1.22 include:

  • scale subresource ownership is tracked correctly (#98377)
  • label selector fields are applied atomically (#97989)
Beta: DaemonSet maxSurge

DaemonSet objects now support amaxSurge rollout parameter, which allowsrunning updated pods for the DaemonSet on nodes before removing old pods. Referto theDaemonSet API documentation for more information.

Beta: Suspended jobs

Job objects can now be created or placed in a suspended state, to allowhigher-level control over ordering and scheduling of batch workloads. Refer totheJob documentation for more information.

Beta: podAffinity namespace selection

Pod affinity rules can now specify namespaced using a label selector, inaddition to a fixed list of namespace names. Refer to thepod affinity documentation for more information.

Deprecated

Removed API versions in 1.22

The following Beta versions of previously graduated APIs are removed in 1.22 infavor of the GA versions. All existing objects can be interacted with via thestable APIs. Update API clients and manifests to use the GA APIs beforeupgrading. For more information, see theKubernetes 1.22 deprecated APIsguide.

  • admissionregistration.k8s.io/v1beta1, MutatingWebhookConfiguration
  • admissionregistration.k8s.io/v1beta1, ValidatingWebhookConfiguration
  • apiextensions.k8s.io/v1beta1, CustomResourceDefinition
  • apiregistration.k8s.io/v1beta1, APIService
  • authentication.k8s.io/v1beta1, TokenReview
  • authorization.k8s.io/v1beta1, LocalSubjectAccessReview
  • authorization.k8s.io/v1beta1, SelfSubjectAccessReview
  • authorization.k8s.io/v1beta1, SubjectAccessReview
  • certificates.k8s.io/v1beta1, CertificateSigningRequest
  • coordination.k8s.io/v1beta1, Lease
  • extensions/v1beta1, Ingress
  • networking.k8s.io/v1beta1, Ingress
  • networking.k8s.io/v1beta1, IngressClass
  • rbac.authorization.k8s.io/v1beta1, ClusterRole
  • rbac.authorization.k8s.io/v1beta1, ClusterRoleBinding
  • rbac.authorization.k8s.io/v1beta1, Role
  • rbac.authorization.k8s.io/v1beta1, RoleBinding
  • scheduling.k8s.io/v1beta1, PriorityClass
  • storage.k8s.io/v1beta1, CSIDriver
  • storage.k8s.io/v1beta1, CSINode
  • storage.k8s.io/v1beta1, StorageClass
  • storage.k8s.io/v1beta1, VolumeAttachment
Change

New Beta and Stable APIs

The following Stable APIs are new in 1.21:

  • batch/v1 CronJob
  • policy/v1 PodDisruptionBudget
  • discovery.k8s.io/v1 EndpointSlice

The following Beta APIs are new in 1.21:

  • storage.k8s.io/v1beta1 CSIStorageCapacity
Change

1.22 is now available in the Rapid channel

Kubernetes 1.22 is now available in the Rapid channel. Before upgrading, readtheKubernetes 1.22 Release Notes,especially the action required and deprecation sections.

Change

In Kubernetes 1.21, newly provisioned PersistentVolumes by gce-pd will use thetopology.kubernetes.io/zone GA label instead of thefailure-domain.beta.kubernetes.io/zonebeta label.

Deprecated

Deprecated APIs

The following APIs are deprecated in the 1.21 release:

  • PodSecurityPolicy
    • policy/v1beta1 PodSecurityPolicy
    • Deprecated in 1.21 withremoval targeted for version 1.25.
  • The following Beta versions of newly graduated APIs will beremoved in 1.25 in favor of GA versions:
    • discovery.k8s.io/v1beta1 EndpointSlice
    • policy/v1beta1 PodDisruptionBudget
    • batch/v1beta1 CronJob
  • The following Beta versions of previously graduated APIs will beremoved in 1.22 in favor of GA versions:
    • admissionregistration.k8s.io/v1beta1, MutatingWebhookConfiguration
    • admissionregistration.k8s.io/v1beta1, ValidatingWebhookConfiguration
    • apiextensions.k8s.io/v1beta1, CustomResourceDefinition
    • apiregistration.k8s.io/v1beta1, APIService
    • authentication.k8s.io/v1beta1, TokenReview
    • authorization.k8s.io/v1beta1, LocalSubjectAccessReview
    • authorization.k8s.io/v1beta1, SelfSubjectAccessReview
    • authorization.k8s.io/v1beta1, SubjectAccessReview
    • certificates.k8s.io/v1beta1, CertificateSigningRequest
    • coordination.k8s.io/v1beta1, Lease
    • extensions/v1beta1, Ingress
    • networking.k8s.io/v1beta1, Ingress
    • networking.k8s.io/v1beta1, IngressClass
    • rbac.authorization.k8s.io/v1beta1, ClusterRole
    • rbac.authorization.k8s.io/v1beta1, ClusterRoleBinding
    • rbac.authorization.k8s.io/v1beta1, Role
    • rbac.authorization.k8s.io/v1beta1, RoleBinding
    • scheduling.k8s.io/v1beta1, PriorityClass
    • storage.k8s.io/v1beta1, CSIDriver
    • storage.k8s.io/v1beta1, CSINode
    • storage.k8s.io/v1beta1, StorageClass
    • storage.k8s.io/v1beta1, VolumeAttachment
Feature

The following features are introduced in version 1.21:

CronJob (GA)

The CronJob API has graduated to General Availability (GA), bringing performance improvements and allowing scheduled jobs to be run using a stable API.

  • This resource is now available in thebatch/v1 group/version.
  • Thebatch/v1beta1 group/version is deprecated, and will be removed inversion 1.25. See themigration guide for details.

PodDisruptionBudget (GA)

The PodDisruptionBudget has graduated to GA, allowing Pod evictions to becontrolled using a stable API.

  • This resource is now available in thepolicy/v1 group/version.
  • Thepolicy/v1beta1 group/version is deprecated, and will be removed inversion 1.25. See themigration guide for details.

EndpointSlice (GA)

The EndpointSlice API has graduated to GA, bringing performance improvementsover the v1 Endpoints API.

  • This more scalable API for service discovery is now enabled on all clustersand is promoted todiscovery.k8s.io/v1.
  • Thediscovery.k8s.io/v1beta1 group/version is deprecated, and will beremoved in version 1.25. See themigration guide for details.

Default namespace label (Beta)

Namespace API objects now have akubernetes.io/metadata.name label matchingtheirmetadata.name field to allow selecting any namespace by its name using alabel selector. This can be used for objects which select namespaces by label,such asadmission webhooks andnetwork policies.

Bound service account token volumes (Beta)

  • The API credentials injected into containers at/var/run/secrets/kubernetes.io/serviceaccount/tokenare now time-limited, auto-refreshed, and invalidated when the containingpod is deleted.
  • By default, injected tokens are given an extended lifetime so they remainvalid even after a new refreshed token is provided. The metricserviceaccount_stale_tokens_total and the audit annotationauthentication.k8s.io/stale-token can be used to monitor for workloadsthat depend on the extended lifetime and are continuing to use tokens evenafter a refreshed token is provided to the container.
  • Clients should reload the token from disk periodically (once per minute isrecommended) to ensure they use the refreshed token.k8s.io/client-goversion 11.0.0+ and 0.15.0+ reload tokens automatically.

September 30, 2021

Security

A security issue was discovered in Kubernetes, CVE-2021-25741, wherea user may be able to create a container with subpath volume mounts toaccess files & directories outside of the volume, including on the hostfilesystem. For more information, see theGCP-2021-018 security bulletin.

Security

There is a known issue where updating aBackendConfig resource using thev1beta1 API that removes an active Google Cloud Armor security policy from its service. For more information, see theGCP-2021-019 security bulletin.

Security

A security vulnerability,CVE-2020-8561,has been discovered in Kubernetes where certain webhooks can be made toredirectkube-apiserver requests to private networks of that APIserver.For more information, see theGCP-2021-021 security bulletin.

Feature

Now you can see how effectively your GKE clusters and workloads are utilizing your available compute resources. The new Cost Optimization tab lets you view, filter, and learn more about the CPU and memory usage, requests, allocation, and limit amounts of each of your clusters and workloads. This information can help you identify opportunities to optimize your clusters or workloads for more cost effective resource utilization. This feature is now available inPreview. For more information, seeView cost-related optimization metrics.

September 24, 2021

Fixed

GKE versions 1.18.20-gke.5100 and later fix the issue withv1beta1 of theBackendconfig API, where a Cloud Armor security policy was inadvertently deleted from the backend Service of an Ingress resource.

For more information, see Kubernetesissue #1508 and the IngressKnown issues page.

Issue

GKE clusters running node pools that use Docker might experience containers restarting every time Docker restarts.

The following versions are affected:

  • GKE 1.20 versions lower than 1.20.9-gke.2100
  • GKE 1.21 versions lower than 1.21.3-gke.1600

To fix this issue, either use Containerd or upgrade your nodes to version:

  • For GKE 1.20: 1.20.9-gke.2100 or higher
  • For GKE 1.21: 1.21.3-gke.1600 or higher

September 17, 2021

Change

(2021-R29) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.13-gke.701 is now the default version in the Stable channel.
  • Version1.19.13-gke.1200 is now available in the Stable channel.
  • Version1.20.9-gke.1000 is now available in the Stable channel.
  • The following versions are no longer available in the Stable channel:
    • 1.18.20-gke.901
    • 1.18.20-gke.3001
    • 1.19.12-gke.2101
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.19 to1.19.13-gke.701 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.20 to1.20.9-gke.1000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.9-gke.1001 is now the default version in the Regular channel.
  • Version1.20.10-gke.301 is now available in the Regular channel.
  • Version 1.20.9-gke.701 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.20 to1.20.9-gke.1001 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.4-gke.301 is now the default version in the Rapid channel.
  • Version1.21.4-gke.1801 is now available in the Rapid channel.
  • Version 1.21.3-gke.2001 is no longer available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.21 to1.21.4-gke.301 with this release.

September 16, 2021

Change

For Autopilot clusters, starting with GKE version1.21.3-gke.900:

  • Users can also create mutating webhooks. However, Autopilot modifies themutating webhooks objects to add a namespace selector which excludes theresources in managed namespaces (currently,kube-system) from beingintercepted. Additionally, webhooks which specify one or more of followingresources (and any of their sub-resources) in the rules, will be rejected:

    -group:""resource:nodes-group:""resource:persistentvolumes-group:certificates.k8s.ioresource:certificatesigningrequests-group:authentication.k8s.ioresource:tokenreviews

  • TheSYS_PTRACE capability is allowed in user workloads.

  • Gatekeeper is no longer used in Autopilot policy enforcement, letting usersinstall their own Gatekeeper instances.

When downgrading Autopilot clusters versions1.21 to the older minor versions,the cluster might intermittently become unavailable. Once the downgrade iscomplete, the cluster will be available.

Feature

In GKE versions 1.21.0-gke.1500 and later,VPC-nativeis the default network mode during cluster creation. To create a routes-based cluster, you can use the--no-enable-ip-alias flag:

gcloudcontainerclusterscreateCLUSTER_NAME--no-enable-ip-alias

September 14, 2021

Feature

Multi-cluster Ingress now supportsSSL policies and HTTPS redirects using theFrontendConfig resource. This feature is generally available in GKE versions 1.17.13-gke.2600 and later.

Feature

With GKE versions 1.21.4-gke.30 and later, users can createServiceAttachment resources to provisionPrivate Service Connect (PSC) for internal LoadBalancer Services. This feature is available inPreview.

September 13, 2021

Fixed

GKE versions 1.19.14-gke.301 and later fix the issue withv1beta1 of theBackendconfig API, where a Cloud Armor security policy was inadvertently deleted from the backend Service of an Ingress resource.

For more information, see Kubernetesissue #1508 and the IngressKnown issues page.

September 09, 2021

Feature

Themanaged Filestore CSI driver for GKE is now available in GKE versions 1.21 and later to provision and manage Filestore instances for GKE workloads.

September 08, 2021

Deprecated

Severalgcloud flags used to configure which logs and metrics are collected are deprecated and replaced with new flags. SeeDeprecated Configuration Parameters for a list of the deprecated logging and monitoring flags as well as the equivalent values for the new--logging and--monitoring flags.

September 07, 2021

Change

The R28 release notes were updated on September 24, 2021 with the following additions:

No channel

Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.18 to1.19.12-gke.2101 with this release.

Stable channel

Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.18 to1.19.12-gke.2101 with this release.

Change

(2021-R28) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.12-gke.2101 is now the default version in the Stable channel.
  • The following control plane and node versions are now available in the Stable channel:
  • The following versions are no longer available in the Stable channel:
    • 1.18.20-gke.3000
    • 1.19.12-gke.2100
    • 1.19.13-gke.700
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.18 to1.19.12-gke.2101 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded fromversion 1.19 to1.19.12-gke.2101 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.9-gke.701 is now the default version in the Regular channel.
  • The following control plane and node versions are now available in the Regular channel:
  • The following versions are no longer available in the Regular channel:
    • 1.20.9-gke.700
    • 1.20.9-gke.1000
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded fromversion 1.20 to1.20.9-gke.701 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.21.3-gke.2001 is now the default version in the Rapid channel.
  • The following control plane and node versions are now available in the Rapidchannel:
  • Version 1.21.3-gke.2000 is no longer available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded fromversion 1.21 to1.21.3-gke.2001 with this release.
Security

Two security vulnerabilities,CVE-2021-33909 andCVE-2021-33910, have beendiscovered in the Linux kernel that can lead to an OS crash or an escalation to root by anunprivileged user. This vulnerability affects all GKE node operating systems (COS and Ubuntu).

For more information, see theGCP-2021-017 security bulletin.

September 02, 2021

Feature

Multi-Instance GPU on GKE is is now generally available.

August 30, 2021

Feature

GKE Autoscaling profilesare now generally available.

August 24, 2021

Feature

You can now enable Google Virtual NIC in a new GKE cluster on GPU nodes. For more information, seeUsing Google Virtual NIC.

Feature

Identity Service for GKE (Preview) is available. Identity Service for GKE extends existing identity solutions for authentication into GKE clusters by supporting OpenID Connect (OIDC). For more information, seeAuthenticating with Identity Service for GKE.

August 20, 2021

Change

(2021-R27) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.8-gke.2100 is now the default version.
  • The following control plane and node versions are now available:
  • The following control plane versions are no longer available:
    • 1.18.20-gke.501
    • 1.19.9-gke.1900
    • 1.19.10-gke.1000
    • 1.19.10-gke.1001
    • 1.19.10-gke.1601
    • 1.19.10-gke.1701
    • 1.19.11-gke.1701
    • 1.19.11-gke.2101
    • 1.19.12-gke.700
    • 1.19.12-gke.900
    • 1.19.12-gke.1100
    • 1.20.8-gke.700
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.18 to1.18.20-gke.901 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.19 to1.19.12-gke.2100 with this release.

Stable channel

There are no new releases in the Stable channel.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.8-gke.2100 is now the default version in the Regular channel.
  • Version1.20.9-gke.700 is now available in the Regular channel.
  • Version 1.20.8-gke.900 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded fromversion 1.20 to1.20.8-gke.2100 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.8-gke.2100 is now the default version in the Rapid channel.
  • The following control plane and node versions are now available in the Rapidchannel:
  • The following versions are no longer available in the Rapid channel:
    • 1.20.8-gke.2100
    • 1.21.3-gke.900
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded fromversion 1.20 to1.20.8-gke.2100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.21 to1.21.3-gke.901 with this release.
Feature

For GKE clusters running Windows Server node pools, you can proactively receiveupdates about new GKE versions and the Windows OS versions they use bysubscribing toUpgradeAvailableEvent notifications.This feature is now available inPreview.

August 19, 2021

Feature

A simplified GKE API for configuring which logs and metrics are collected and sent to Cloud Logging and Cloud Monitoring is now available. Thegcloud container clusters create andgcloud container clusters update commands now support the--logging and--monitoring flags.

For example, to collect both system and workload logs in an existing cluster, usegcloud container clusters update --logging=SYSTEM,WORKLOAD. Or, to create a new cluster with no metrics collected, usegcloud container clusters create --monitoring=NONE.

See a complete list ofavailable logs andavailable metrics.

These flags are available in Google Cloud SDK version 352.0.0 and later.

August 18, 2021

Issue

GKE clusters running node pools that use containerd might experience IP leak issues and exhaust all Pod IPs on a node. A Pod scheduled on an affected node shows an error message similar to the following:

failed to allocate for range 0: no IP addresses available in range set: 10.48.131.1-10.48.131.62

For more information about the issue, see containerdissue #5438 andissue #5768.

For workarounds to mitigate this issue, see theKnown issues section in containerd node images.

August 17, 2021

Issue

An issue was identified withv1beta1 of theBackendConfig API, where a Cloud Armor security policy was inadvertently deleted from the backend Service of an Ingress resource on the following affected GKE versions:

  • 1.18.19-gke.1400 and later
  • 1.19.10-gke.700 and later
  • 1.20.6-gke.700 and later

To fix this issue, usev1 of theBackendConfig API, or update your clusters to one of the following GKE versions:

  • 1.20.9-gke.900 and later
  • 1.21.1-gke.2700 and later

For more information, see Kubernetesissue #1508 and the IngressKnown issues page.

August 12, 2021

Change

(2021-R26) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.12-gke.2100 is now the default version in the Stable channel.
  • Version1.18.20-gke.901 is now available in the Stable channel.
  • Version 1.19.11-gke.2101 is no longer available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.18 and version 1.19 to1.19.12-gke.2100 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Version1.20.8-gke.2100 is now available in the Regular channel.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

August 05, 2021

Feature

GKE Multi Cluster Ingress is now available throughstandalone per-Pod pricing in addition to Anthos licensing for all GKE release channels.

August 03, 2021

Change

(2021-R25) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.20-gke.900 is now the default version in the Stable channel.
  • Version 1.18.20-gke.501 is no longer available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.18 to version1.18.20-gke.900 with this release.

Regular channel

There are no new releases in the Regular release channel.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.8-gke.900 is now the default version in the Rapid channel.
  • Version1.20.9-gke.700 is now available in the Rapid channel.
  • Version1.21.3-gke.900 is now available in the Rapid channel.
  • Version 1.20.8-gke.700 is no longer available in the Rapid channel.
  • Version 1.21.2-gke.600 is no longer available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to version1.20.8-gke.900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.21 to version1.21.3-gke.100 with this release.
Change

Thenorthamerica-northeast2region in Toronto is now available.

July 27, 2021

Change

(2021-R24) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.8-gke.900 is now the default version.
  • The following control plane and node versions are now available:
  • The following control plane versions are no longer available:
    • 1.18.18-gke.1101
    • 1.18.18-gke.1701
    • 1.20.7-gke.1800
    • 1.20.7-gke.2200
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.20 to version1.20.8-gke.700 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.20-gke.501 is now the default version in the Stable channel.
  • Version1.18.20-gke.900 is now available in the Stable channel.
  • Version1.19.12-gke.2100 is now available in the Stable channel.
  • Version 1.18.19-gke.1701 is no longer available in the Stable channel.
  • Version 1.19.10-gke.1000 is no longer available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.18 to version1.18.20-gke.501 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.19 to version1.19.11-gke.2101 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.8-gke.900 is now the default version in the Regular channel.
  • The following versions are no longer available in the Regular channel:
    • 1.19.9-gke.1900
    • 1.19.11-gke.1701
    • 1.19.12-gke.1100
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.19 to1.20.8-gke.900 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

July 21, 2021

Feature

Google Groups for RBAC is now generally available.

July 20, 2021

Change

(2021-R23) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.19-gke.1701 is now the default version in the Stable channel.
  • Version1.18.20-gke.501 is now available in the Stable channel.
  • Version 1.18.17-gke.1901 is no longer available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.18 to version1.18.19-gke.1701 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.12-gke.1100 is now available in the Regular channel.
  • Version1.20.8-gke.900 is now available in the Regular channel.
  • Version 1.20.7-gke.1800 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.20 to1.20.8-gke.900 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.8-gke.700 is now the default version in the Rapid channel.
  • Version1.20.8-gke.900 is now available in the Rapid channel.
  • Version 1.20.7-gke.2200 is no longer available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to1.20.8-gke.700 with this release.
Deprecated

Legacy Logging and Monitoring wasdeprecated December 12, 2019 and was decommissioned March 31, 2021. As described in the guide forMigrating to Cloud Operations for GKE all clusters still using Legacy Logging and Monitoring are being automatically and gradually migrated to Cloud Operations for GKE during the coming weeks.

July 14, 2021

Security

A new security vulnerability,CVE-2021-22555, has been discovered where a malicious actor withCAP_NET_ADMIN privileges can potentially cause a container breakout to root on the host. This vulnerability affects all GKE clusters and Anthos clusters on VMware running Linux version 2.6.19 or later.

For more information, see theGCP-2021-015 security bulletin.

July 13, 2021

Issue

There is a known issue that prevents the gcloud client from interacting with multi-cluster Ingress that was introduced in gcloud version 346.0.0 and was fixed in version 348.0.0. It is recommended that you do not use gcloud versions 346.0.0 and 347.0.0 when using multi-cluster Ingress.

July 09, 2021

Change

(2021-R22) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.19-gke.1701 is now available in the Stable channel.
  • Version1.19.11-gke.2101 is now available in the Stable channel.
  • Version 1.18.18-gke.1700 is no longer available in the Stable channel.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.11-gke.1701 is now available in the Regular channel.
  • Version1.20.7-gke.1800 is now available in the Regular channel.
  • Version 1.19.10-gke.1700 is no longer available in the Regular channel.
  • Version 1.20.6-gke.1000 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded fromversion 1.20 to1.20.7-gke.1800 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.7-gke.2200 is now the default version.
  • Version1.20.8-gke.700 is now available in the Rapid channel.
  • Version1.21.2-gke.600 is now available in the Rapid channel.
  • Version 1.20.6-gke.1400 is no longer available in the Rapid channel.
  • Version 1.20.7-gke.1800 is no longer available in the Rapid channel.
  • Version 1.21.1-gke.2200 is no longer available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded fromversion 1.20 to1.20.7-gke.2200 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded fromversion 1.21 to1.21.2-gke.600 with this release.

July 08, 2021

Security

Microsoft published a security bulletin on a Remote code execution (RCE) vulnerability,CVE-2021-34527, that affects the print spooler in Windows servers. The CERT Coordination Center (CERT/CC) published an update note on a related vulnerability, dubbed "PrintNightmare" that also affects Windows print spoolers -PrintNightmare, Critical Windows Print Spooler Vulnerability.

For more information, see theGCP-2021-014 security bulletin.

July 02, 2021

Security

The Istio project recentlydisclosed a new security vulnerability,CVE-2021-34824, affectingIstio. Istio contains a remotely exploitable vulnerability where credentials specified in the Gateway and DestinationRule credentialName field can be accessed from different namespaces.

For more information, see theGCP-2021-012 security bulletin.

Feature

Config Management is now available on GKE. Config Management provides you with the following benefits:

  • You can now use Policy Controller. Policy Controller enables the enforcement of fully programmable policies for your clusters. To learn more, seePolicy Controller overview.
  • You can now install Config Sync using the Cloud Console or thegcloud command line tool. To learn more, seeInstalling Config Sync.

June 29, 2021

Change

Theasia-south2region in Delhi is now available.

June 28, 2021

Feature

In GKE node version 1.21.1-gke.2200 and later, Containerd is available as a runtime for Windows Server LTSC and SAC node images. Containerd is the recommended container runtime for GKE. For more information, seeNode images.

June 25, 2021

Issue

GKE clusters on some 1.18.18+ and 1.19.10+ versions might fail to create orapply CustomResourceDefinitions containing integer validation rules usingserver-side apply. The following error occurs:failed to convert new object to proper version: unable to convert unstructured object to apiextensions.k8s.io/v1, Kind=CustomResourceDefinition: cannot convert int64 to float64.

The following versions are affected:

  • 1.19.11-gke.1700
  • 1.19.10-gke.1700
  • 1.19.10-gke.1600
  • 1.19.10-gke.1000
  • 1.18.19-gke.1700
  • 1.18.18-gke.1700
  • 1.18.18-gke.1100

To resolve this issue, upgrade to a newer version or downgrade to one of thefollowing versions:

  • 1.19.9-gke.1900
  • 1.18.17-gke.1901
Change

(2021-R21) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.18-gke.1700 is now available in the Stable channel.
  • Version 1.18.17-gke.1900 is no longer available in the Stable channel.
  • Version 1.18.18-gke.1100 is no longer available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.17 to version1.18.17-gke.1901 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.9-gke.1900 is now the default version in the Regular channel.
  • Version1.19.9-gke.1900 is now available in the Regular channel.
  • Version 1.19.10-gke.1600 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.18 to1.19.10-gke.1700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.19 to1.19.10-gke.1700 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.7-gke.2200 is now available in the Rapid channel.
  • Version1.21.1-gke.2200 is now available in the Rapid channel.
  • Version 1.21.1-gke.1800 is no longer available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.19 to1.20.7-gke.1800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to1.20.7-gke.1800 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.21 to1.21.1-gke.2200 with this release.

June 24, 2021

Feature

Internal load balancer subsetting for GKE is now generally available in GKE versions 1.18.19-gke.1400 and later.

June 21, 2021

Change

Theaustralia-southeast2region in Melbourne is now available.

June 16, 2021

Change

(2021-R20) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.17-gke.1901 is now the default version in the Stable channel.
  • Version1.18.18-gke.1100 is now available in the Stable channel.
  • Version 1.18.17-gke.1200 is no longer available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.18 to version1.18.17-gke.1901 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.10-gke.1600 is now the default version in the Regular channel.
  • Version1.19.10-gke.1700 is now available in the Regular channel.
  • Version 1.19.9-gke.1900 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.18 to1.19.10-gke.1600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.19 to1.19.10-gke.1600 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.7-gke.1800 is now available in the Rapid channel.
  • Version1.21.1-gke.1800 is now available in the Rapid channel.
  • Version 1.21.1-gke.400 is no longer available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.21 to1.21.1-gke.1800 with this release.

June 15, 2021

Fixed

Theissue affecting the Datadog Agent on Autopilot has been resolved in Datadog version 2.13.1.

June 11, 2021

Feature

GKE Multi-cluster Servicessupport for pod-specific addressing is now generally available.

June 10, 2021

Feature

Volume snapshotsis now generally available. Starting in GKE version 1.21 and later, you can nowusev1 snapshots;v1beta1 snapshots will continue to operate as expecteduntil further notice.

Feature

For GKE clusters running Windows Server node pools, you can see the versionmapping between GKE versions and Windows Server versions for all available GKEversions by using agcloud command. This feature is now available inpreview.

For more details, seeUse gcloud tool to get version mapping.

Feature

Committed use discounts are now generally available to purchase for Google KubernetesEngine (Autopilot Mode).

Google Kubernetes Engine (Autopilot Mode) committed use discounts apply to allAutopilot Pod workload vCPU, memory, and ephemeral storage usage in the regionin which you have committed. Google Kubernetes Engine (Autopilot Mode) committeduse discountsdo not apply to the cluster management fee or to GKE Standardmode compute nodes.

See thedocumentation for moredetails.

June 09, 2021

Change

(2021-R19) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.17-gke.1900 is now the default version in the Stable channel.
  • Version1.18.17-gke.1901 is now available in the Stable channel.
  • Version1.19.10-gke.1000 is now available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.18 to version1.18.17-gke.1900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.19 to version1.19.10-gke.1000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.10-gke.1600 is now available in the Regular channel.
  • Version1.20.6-gke.1000 is now available in the Regular channel.
  • Version 1.19.9-gke.1400 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.19 to1.19.9-gke.1900 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.20 to1.20.6-gke.1000 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.6-gke.1400 is now the default version in the Rapid channel.
  • Version1.21.1-gke.400 is now available in the Rapid channel.
  • Version 1.20.6-gke.1000 is no longer available in the Rapid channel.
  • Version 1.21.1-gke.100 is no longer available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to1.20.6-gke.1400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.21 to1.21.1-gke.400 with this release.
Issue

A domain-scoped project is not supported in GKE version 1.20. The cluster'sCertificateSigningRequest will be denied when validating the DNS name and the nodes cannot join the cluster.

Issue

If you manually upgrade your cluster from 1.18 to 1.19 and the network tier configuration on an existing external network load balancer does not match the network tier annotation in the service spec (if unspecified, defaults toPremium), the load balancer will be deleted and recreated, and the network tier configuration will be enforced.

Change

Starting in version 1.20, timeouts on exec probes are honored, anddefault to 1 second if unspecified. If you have Pods using exec probes, ensurethat they can easily complete in 1 second or explicitly set an appropriatetimeout. For more information, seeConfigureProbes.

Change

Thenode.k8s.io/v1beta1 RuntimeClass API has graduated tonode.k8s.io/v1with no changes. API clients and manifests should switch to using thenode.k8s.io/v1 API after version 1.20. Thenode.k8s.io/v1beta1 API isdeprecated and will no longer be served starting in version 1.25.

Fixed

Non-deterministic treatment of objects with invalidownerReferences wasfixed in version 1.20.Run thekubectl-check-ownerreferences tool prior to upgrade to locate existing objects with invalidownerReferences.

  • A namespaced object with anownerReference to another namespaced objectwhich does not exist in the same namespace is now consistently treated ashaving a missing owner and is deleted.

  • A cluster-scoped object with anownerReference to a namespaced object isnow consistently treated as having an unresolvable owner, and is ignoredby the garbage collector.

  • Starting in version 1.20, when a namespace mismatch between a child and ownerobject is detected, an event with a reason code ofOwnerRefInvalidNamespace is recorded.

Change

Themetadata.selfLink field,deprecated since version 1.16, is no longer populated in version 1.20. See Kubernetesissue #1164 for details. A related bug in thek8s.io/client-golibrary in theGetReference function was fixed in versions 0.15.9 or later, 0.16.4 orlater, and 0.17.0 or later. Clients using theGetReference function shouldupgrade to one of those versions ofclient-go or newer in order to workcorrectly against an API Server running version 1.20 or later.

Change

1.20 is now generally available

Kubernetes 1.20 is now generally available (GA). Before upgrading, read theKubernetes 1.20 Release Notes especially theUrgent upgrade notes andDeprecations sections.

Announcement

Reminder: Future beta API removals in versions 1.22 and 1.25

Kubernetes versions 1.22 and 1.25 will stop serving several deprecated betaAPIs. It is recommended to begin migrating your clients and manifests to thestable replacement APIs now. More information is available in theOSS Kubernetes documentation.

Change

As of version 1.20, the kubelet no longer creates thetarget_path forNodePublishVolume in accordance with the CSI spec. If you have self-managed CSIdrivers deployed in your cluster, ensure that they are idempotent and do anynecessary mount creation or verification. For more information, see Kubernetesissue#88759.

June 07, 2021

Change

You can now specify the default image type to use for new auto-provisioning node pools. SeeUsing node auto-provisioning for more details.

June 04, 2021

Security

The security community recently disclosed a new security vulnerabilityCVE-2021-30465 found inrunc that has the potential to allow full access to a node filesystem.

For more information, see theGCP-2021-011 security bulletin.

May 28, 2021

Change

(2021-R18) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on versioning and upgrades, seeGKE versioning and supportandUpgrades.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.17-gke.1200 is now the default version in the Stable channel.
  • Version1.18.17-gke.1900 is now available in the Stable channel.
  • Version 1.17.17-gke.4900 is no longer available in the Stable channel.
  • Version 1.17.17-gke.5400 is no longer available in the Stable channel.
  • Version 1.18.17-gke.700 is no longer available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.18 to version1.18.17-gke.1200 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.6-gke.1400 is now available in the Rapid channel.
  • Version1.21.1-gke.100 is now available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.21 to1.21.1-gke.100 with this release.
Change

In Kubernetes 1.21, newly provisioned PersistentVolumes by gce-pd will use thetopology.kubernetes.io/zone GA label instead of thefailure-domain.beta.kubernetes.io/zonebeta label.

Deprecated

1.21 Deprecated APIs

The following APIs are deprecated in the 1.21 release:

  • PodSecurityPolicy
    • policy/v1beta1 PodSecurityPolicy
    • Deprecated in 1.21 withremoval targeted for version 1.25.
  • The following Beta versions of newly graduated APIs will beremoved in 1.25 in favor of GA versions:
    • discovery.k8s.io/v1beta1 EndpointSlice
    • policy/v1beta1 PodDisruptionBudget
    • batch/v1beta1 CronJob
  • The following Beta versions of previously graduated APIs will beremoved in 1.22 in favor of GA versions:
    • admissionregistration.k8s.io/v1beta1, MutatingWebhookConfiguration
    • admissionregistration.k8s.io/v1beta1, ValidatingWebhookConfiguration
    • apiextensions.k8s.io/v1beta1, CustomResourceDefinition
    • apiregistration.k8s.io/v1beta1, APIService
    • authentication.k8s.io/v1beta1, TokenReview
    • authorization.k8s.io/v1beta1, LocalSubjectAccessReview
    • authorization.k8s.io/v1beta1, SelfSubjectAccessReview
    • authorization.k8s.io/v1beta1, SubjectAccessReview
    • certificates.k8s.io/v1beta1, CertificateSigningRequest
    • coordination.k8s.io/v1beta1, Lease
    • extensions/v1beta1, Ingress
    • networking.k8s.io/v1beta1, Ingress
    • networking.k8s.io/v1beta1, IngressClass
    • rbac.authorization.k8s.io/v1beta1, ClusterRole
    • rbac.authorization.k8s.io/v1beta1, ClusterRoleBinding
    • rbac.authorization.k8s.io/v1beta1, Role
    • rbac.authorization.k8s.io/v1beta1, RoleBinding
    • scheduling.k8s.io/v1beta1, PriorityClass
    • storage.k8s.io/v1beta1, CSIDriver
    • storage.k8s.io/v1beta1, CSINode
    • storage.k8s.io/v1beta1, StorageClass
    • storage.k8s.io/v1beta1, VolumeAttachment
Change

1.21 available in the Rapid channel

Kubernetes version 1.21 is now available in the Rapid channel. Before upgrading,read theKubernetes 1.21 Release Notes,especially the action required and deprecation sections.

Feature

1.21 Features

The following features are introduced in version 1.21:

CronJob (GA)

The CronJob API has graduated to General Availability (GA), bringing performanceimprovements and allowing scheduled jobs to be run using a stable API.

  • This resource is now available in thebatch/v1 group/version.
  • Thebatch/v1beta1 group/version is deprecated, and will be removed inversion 1.25. See themigration guide for details.

PodDisruptionBudget (GA)

The PodDisruptionBudget has graduated to GA, allowing pod evictions to becontrolled using a stable API.

  • This resource is now available in thepolicy/v1 group/version.
  • Thepolicy/v1beta1 group/version is deprecated, and will be removed inversion 1.25. See themigration guide for details.

EndpointSlice (GA)

The EndpointSlice API has graduated to GA, bringing performance improvementsover the v1 Endpoints API.

  • This more scalable API for service discovery is now enabled on all clustersand is promoted todiscovery.k8s.io/v1.
  • Thediscovery.k8s.io/v1beta1 group/version is deprecated, and will beremoved in version 1.25. See themigration guide for details.

Default namespace label (Beta)

Namespace API objects now have akubernetes.io/metadata.name label matchingtheirmetadata.name field to allow selecting any namespace by its name using alabel selector. This can be used for objects which select namespaces by label,such asadmission webhooks andnetwork policies.

Bound service account token volumes (Beta)

  • The API credentials injected into containers at/var/run/secrets/kubernetes.io/serviceaccount/tokenare now time-limited, auto-refreshed, and invalidated when the containingpod is deleted.
  • By default, injected tokens are given an extended lifetime so they remainvalid even after a new refreshed token is provided. The metricserviceaccount_stale_tokens_total and the audit annotationauthentication.k8s.io/stale-token can be used to monitor for workloadsthat depend on the extended lifetime and are continuing to use tokens evenafter a refreshed token is provided to the container.
  • Clients should reload the token from disk periodically (once per minute isrecommended) to ensure they use the refreshed token.k8s.io/client-goversion 11.0.0+ and 0.15.0+ reload tokens automatically.
Feature

GKE clusters running version 1.18 or later now supportcontainer native Cloud DNS (available inPreview). Cloud DNS can be used as the in-cluster DNS provider instead of kube-dns.

Change

1.21 New Beta and Stable APIs

The following Stable APIs are new in 1.21:

  • batch/v1 CronJob
  • policy/v1 PodDisruptionBudget
  • discovery.k8s.io/v1 EndpointSlice

The following Beta APIs are new in 1.21:

  • storage.k8s.io/v1beta1 CSIStorageCapacity

May 21, 2021

Feature

Network Policy Logging is generally available (GA).Note that Network Policy Logging requiresDataplane V2.

May 20, 2021

Issue

In GKE version 1.20 and later, audit logging does not occur forBinary Authorization fail open events.

May 19, 2021

Change

(2021-R17) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.17-gke.700 is now the default version in the Stable channel.
  • Version1.18.17-gke.1200 is now available in the Stable channel.
  • Version 1.18.17-gke.100 is no longer available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.17 to version1.18.17-gke.700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.18 to version1.18.17-gke.700 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.9-gke.1900 is now available in the Regular channel.
  • Version 1.18.17-gke.700 is no longer available in the Regular channel.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.20.6-gke.1000 is now the default version in the Rapid channel.
  • Version 1.19.9-gke.1900 is no longer available in the Rapid channel.
  • Version 1.19.10-gke.1000 is no longer available in the Rapid channel.
  • The following control planes and nodes with auto-upgrade enabled in theRapid channel will be upgraded with this release:
Change

For GKE clusters running 1.18.18-gke.1200 or later, Ingress Controller only syncs NEGs that were created by the controller. Custom named NEGs that were created outside of the controller will no longer be synced.

May 17, 2021

Feature

TheUpgradeAvailableEventnotification is now generally available.

May 12, 2021

Change

(2021-R16) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.9-gke.1400 is now the default version.
  • Version1.17.17-gke.7800 is now available.
  • Version1.19.10-gke.1000 is now available.
  • The following versions are no longer available:
    • 1.18.15-gke.1501
    • 1.18.15-gke.1502
    • 1.18.16-gke.1201
    • 1.18.16-gke.2100
    • 1.18.16-gke.300
    • 1.18.16-gke.302
    • 1.18.16-gke.502
  • The following control planes and nodes with auto-upgrade enabled will beupgraded with this release:

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.9-gke.1400 is now the default version in the Regular channel.
  • Version 1.18.17-gke.100 is no longer available in the Regular channel.
  • Version 1.19.8-gke.1600 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.18 to version1.19.9-gke.1400 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.10-gke.1000 is now available in the Rapid channel.
  • Version1.20.6-gke.1000 is now available in the Rapid channel.
  • Version 1.20.5-gke.2000 is no longer available in the Rapid channel.
  • The following control planes and nodes with auto-upgrade enabled in theRapid channel will be upgraded with this release:
Feature

Dataplane V2 is generally available in newly created clusters using GKE versions 1.20.6-gke.700 and later.

Feature

TheGKE Gateway controller, Google Cloud's implementation of theGateway API, is available inPreview in GKE version 1.20 and later. SeeDeploying Gateways for how to expose applications using Gateway.

Issue

In GKE version 1.20 and later, the GKE Gateway controller introduces the newgateway.networking.x-k8s.io resource. This is similar but different from thegateway.networking.istio.io resource. This may cause thekubectl get gateway command to return the incorrect Gateway resource unless the fully qualified resource name is used. To avoid seeing unexpected results when using kubectl, seeKubernetes Gateways and Istio Gateways.

Security

The Istio project recentlydisclosed a new security vulnerability (CVE-2021-31920) affectingIstio. For more information, see theGCP-2021-006 security bulletin.

May 06, 2021

Feature

You can now enable and configureOS Login for private GKE clusters and nodes.This feature is enabled for private GKE clusters running node pool versions 1.20.5 or later.

Security

The Envoy and Istio projects recentlyannounced several new security vulnerabilities (CVE-2021-28683,CVE-2021-28682, andCVE-2021-29258) that could allow an attacker to crash Envoy.

For more information, see theGCP-2021-004 security bulletin.

May 04, 2021

Change

(2021-R15) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.17-gke.100 is now the default version.
  • Version1.17.17-gke.7200 is now available.
  • The following versions are no longer available:
    • 1.16.15-gke.12500
    • 1.16.15-gke.14800
    • 1.17.17-gke.1101
    • 1.17.17-gke.1500
    • 1.17.17-gke.2800
    • 1.17.17-gke.3000
  • The following control planes and nodes with auto-upgrade enabled will beupgraded with this release:

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.17-gke.100 is now the default version in the Stable channel.
  • Version1.17.17-gke.5400 is now available in the Stable channel.
  • The following versions are no longer available in the Stable channel:
    • 1.17.17-gke.3700
    • 1.18.16-gke.2100
  • The following control planes and nodes with auto-upgrade enabled in theStable channel will be upgraded with this release:

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.17-gke.100 is now the default version in the Regular channel.
  • The following versions are now available in the Regular channel:
  • Version 1.18.16-gke.2100 is no longer available in the Regular channel.
  • The following control planes and nodes with auto-upgrade enabled in theRegular channel will be upgraded with this release:

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.9-gke.1900 is now the default version in the Rapid channel.
  • Version 1.19.9-gke.1400 is no longer available in the Rapid channel.
  • The following control planes and nodes with auto-upgrade enabled in theRapid channel will be upgraded with this release:

May 03, 2021

Feature

Thekubelet graceful node shutdown feature is now enabled on preemptible and GPU accelerator nodes running versions 1.20.5-gke.500 or later.

April 29, 2021

Change

For GKE clusters withWindows Server nodes,node names will now be limited to 15-characters to allow for Active Directory joining.

Fixed

Fixes for the following GKE Autopilot clusters issues are rolling out to the Rapid release channel:

  • Pods with a priority lower than -10 would not trigger scale up.
  • Pod anti-affinity might cause overscaling.

April 27, 2021

Change

(2021-R14) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.17-gke.4900 is now available in the Stable channel.
  • Version1.18.17-gke.100 is now available in the Stable channel
  • Version 1.18.16-gke.302 is no longer available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.18 to version1.18.16-gke.2100 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.16-gke.2100 is now the default version in the Regular channel.
  • Version1.18.17-gke.100 is now available in the Regular channel.
  • Version 1.18.16-gke.502 is no longer available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.17 to version1.18.16-gke.2100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.18 to version1.18.16-gke.2100 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.9-gke.1400 is now the default version in the Rapid channel.
  • Version1.19.9-gke.1900 is now available in the Rapid channel.
  • Version1.20.5-gke.2000 is now available in the Rapid channel.
  • Version 1.19.9-gke.700 is no longer available in the Rapid channel.
  • Version 1.20.5-gke.1300 is no longer available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.18 to version1.19.9-gke.1400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.19 to version1.19.9-gke.1400 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to version1.20.5-gke.2000 with this release.
Feature

Multi-Instance GPU on GKE is available inPreview.

April 21, 2021

Change

SeeGKE release schedule for information on the current versions rollout and support schedule. SeeVersioning for details on the GKE version suppport and life cycle.

April 20, 2021

Change

(2021-R13) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.17-gke.3700 is now the default version in the Stable channel.
  • Version1.18.16-gke.2100 is now available in the Stable channel.
  • Version 1.17.17-gke.3000 is no longer available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.16 to version1.17.17-gke.3700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.17 to version1.17.17-gke.3700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.18 to version1.18.16-gke.302 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.16-gke.2100 is now available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.19 to version1.19.8-gke.1600 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.9-gke.700 is now the default version in the Rapid channel.
  • Version1.19.9-gke.1400 is now available in the Rapid channel.
  • Version1.20.5-gke.1300 is now available in the Rapid channel.
  • Version 1.19.9-gke.100 is no longer available in the Rapid channel.
  • Version 1.20.5-gke.800 is no longer available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.18 to version1.19.9-gke.700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.19 to version1.19.9-gke.700 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to version1.20.5-gke.1300 with this release.
Security

The Kubernetes project recentlyannounced a new security vulnerability,CVE-2021-25735,that could allow node updates to bypass a Validating Admission Webhook. For more details, see theGCP-2021-003 security bulletin.

April 19, 2021

Issue

Due to GKE Autopilot restrictions on the kubelet API surface, theDatadog Agent is not operating correctly on Autopilot mode clusters.

April 14, 2021

Change

(2021-R12) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.17-gke.3000 is now the default version in the Stable channel.
  • Version1.17.17-gke.3700 is now available in the Stable channel.
  • Version 1.17.17-gke.2800 is no longer available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.16 to version1.17.17-gke.3000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from version 1.17 to version1.17.17-gke.3000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.8-gke.1600 is now available in the Regular channel.
  • Version 1.18.16-gke.302 is no longer available in the Regular channel.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.9-gke.100 is now the default version in the Rapid channel.
  • Version1.19.9-gke.700 is now available in the Rapid channel.
  • Version1.20.5-gke.800 is now available in the Rapid channel.
  • Version 1.19.8-gke.2000 is no longer available in the Rapid channel.
  • Version 1.20.5-gke.101 is no longer available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.18 to version1.19.9-gke.100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.19 to version1.19.9-gke.100 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to version1.20.5-gke.800 with this release.
Feature

The widely usedIngress API has graduated to general availability in Kubernetes 1.19. Thev1beta1 IngressAPI is deprecated, and will no longer be served in versions 1.22 and later.Before version 1.21, identify and transition clients and manifests using thev1beta1 Ingress API to usenetworking.k8s.io/v1.

Clusters with Google Cloud's operations suite enabled can use the followingquery to identify clients that access the Ingressv1beta1 APIs:

resource.type="k8s_cluster"resource.labels.cluster_name="$CLUSTER_NAME"protoPayload.authenticationInfo.principalEmail:("system:serviceaccount"OR"@")protoPayload.request.apiVersion=("extensions/v1beta1"OR"networking.k8s.io/v1beta1")protoPayload.request.kind="Ingress"NOT("kube-system")

Identify and transition clients and manifests using thev1beta1 Ingress APIsto usenetworking.k8s.io/v1 before version 1.21 is released on GKE(approximately in June 2021), then verify no clients are using thev1beta1 APIduring the version 1.21 timeframe. Workloads using thev1beta1 APIs need to beupgraded before your cluster is upgraded to GKE 1.22.

To migrate manifests tonetworking.k8s.io/v1, perform the following:

  1. Rename thespec.backend field (if specified) tospec.defaultBackend.
  2. Rename eachbackend.serviceName field tobackend.service.name.
  3. Rename each numericbackend.servicePort field tobackend.service.port.number.
  4. Rename each stringbackend.servicePort field tobackend.service.port.name.
  5. Specify apathType field for each defined path. Options arePrefix,Exact, andImplementationSpecific. To match the undefinedv1beta1behavior, useImplementationSpecific.

As an example, to migrate this v1beta1 manifest to v1:

Original v1beta1 manifestEquivalent networking.k8s.io/v1 manifest
apiVersion:networking.k8s.io/v1beta1kind:Ingressmetadata:name:examplespec:backend:serviceName:default-backendservicePort:80rules:-http:paths:-path:/testpathbackend:serviceName:testservicePort:80
apiVersion:networking.k8s.io/v1kind:Ingressmetadata:name:examplespec:defaultBackend:service:name:default-backendport:number:80rules:-http:paths:-path:/testpathpathType:ImplementationSpecificbackend:service:name:testport:number:80
Feature

CertificateSigningRequest v1 API

The CertificateSigningRequest API has graduated tocertificates.k8s.io/v1 inKubernetes 1.19. Thev1beta1 CertificateSigningRequest API is deprecated andwill no longer be served in version 1.22 and later.

Clusters with Google Cloud's operations suite enabled can use the followingquery to identify clients that access the CertificateSigningRequestv1beta1APIs:

resource.type="k8s_cluster"resource.labels.cluster_name="$CLUSTER_NAME"protoPayload.authenticationInfo.principalEmail:("system:serviceaccount"OR"@")protoPayload.request.apiVersion="certificates.k8s.io/v1beta1"NOT("kube-system")

Identify and transition clients and manifests using thev1beta1CertificateSigningRequest API to usecertificates.k8s.io/v1 before version1.21 is released on GKE (approximately in June 2021), then verify no clientsare using thev1beta1 API during the version 1.21 timeframe. Workloads usingthev1beta1 API need to be upgraded before your cluster is upgraded to GKEversion 1.22.

Differences between thev1beta1 andv1 API are as follows:

  • For API clients requesting certificates:
    • spec.signerName is now required, and requests forkubernetes.io/legacy-unknown are notallowed to be created via thecertificates.k8s.io/v1 API.
    • spec.usages is now required, may not contain duplicate values, andmust only contain known usages.
  • For API clients approving or signing certificates:
    • status.conditions may not contain duplicate types.
    • status.conditions[*].status is now required.
    • status.certificate must be PEM-encoded, and must contain onlyCERTIFICATE blocks.
Change

Admission webhooks and custom resource conversion webhooks must use servingcertificates that contain the server name in asubjectAltName extension.Server names in the certificateCommonName will not be honored in futureversions.

Feature

Seccomp General Availability (GA)

Seccomp (secure computing mode) support for Kubernetes has graduated to GeneralAvailability (GA). This feature can be used to increase the workload security byrestricting the system calls for a Pod (applies to all containers) or individualcontainers.

A newseccompProfile field is added to Pod and ContainersecurityContextobjects, starting in Kubernetes version 1.19.

securityContext:seccompProfile:# "Unconfined", "RuntimeDefault", or "Localhost"type:Localhost# only necessary if type == LocalhostlocalhostProfile:my-profiles/profile-allow.json

The alpha seccomp annotationsseccomp.security.alpha.kubernetes.io/pod andcontainer.seccomp.security.alpha.kubernetes.io/...are deprecated in favor of the GA API field. The alpha annotations will not behonored in Kubernetes versions 1.22 and later.

Prepare for transition

If you are currently using Seccomp annotations on Pods or Containers, you shouldidentify and transition workloads using the annotations to set the API fieldsbefore version 1.21 is released on GKE (approximately in June 2021). No changeonPodSecurityPolicy is required, as it supportsboth annotation and field seccomp profiles.You can perform the following recommended steps:

Locate Seccomp annotation usages

In your Kubernetes manifest files, search for"seccomp.security.alpha.kubernetes.io/pod"and"container.seccomp.security.alpha.kubernetes.io/".

Add or update securityContext fields

Based on your annotation usage, add or update (ifsecurityContext alreadyexists) thesecurityContext field in the Pod or Container spec. Theannotations can be left in place, but must match the securityContext API field.

Current annotation usageAdd or updatesecurityContext
seccomp.security.alpha.kubernetes.io/podIn the Pod'ssecurityContext, add theseccompProfile field.
container.seccomp.security.alpha.kubernetes.io/container-nameIn thecontainer-name container'ssecurityContext, add theseccompProfile field.

Set values for seccompProfile

Thetype field ofseccompProfile corresponds to the annotation value, andlocalhostProfile field corresponds to the path followinglocalhostannotation value.

Current annotation valueseccompProfile value
unconfined
seccompProfile: type: Unconfined
runtime/default ordocker/default
seccompProfile: type: RuntimeDefault
localhost/path/to/profile.json
seccompProfile: type: Localhost localhostProfile: path/to/profile.json

More resources

Change

The basic authentication method is no longer available starting withKubernetes version 1.19. GKE clusters also no longer support basicauthentication as they gradually upgrade to Kubernetes version 1.19. Basicauthentication has been disabled by default for new GKE clusters since GKEversion 1.12 and its usage has been discouraged in theHardening your cluster's securityguide. Migrate away from basic authentication before your cluster controlplanes are upgraded to Kubernetes version 1.19 to ensure your API clientscan continue accessing the API server. To learn more about recommendedauthentication methods in GKE, seeAuthenticating to the Kubernetes API Server.

Issue

Admission webhooks andcustom resource conversion webhooks using invalid serving certificates that do not contain the server name in asubjectAltName extension cannot be contacted by the Kubernetes API server in1.19 prior to version 1.19.9-gke.400. This will be resolved in version1.19.9-gke.400, and automatic upgrades from 1.18 to 1.19 will not begin untilthis issue is resolved. However, affected webhooks should work to correct theirserving certificates in order to work correctly with Kubernetes version 1.22 andlater.

Change

With the release of GKE node version 1.19, the Container-Optimized OS withDocker (cos) variant is deprecated. Please migrate to theContainer-Optimized OS with Containerd (cos_containerd) variant, which isnow the default GKE node image. For instructions, seeContainerd images.

Change

1.19 GA

GKE version 1.19 is now generally available (GA).

Before upgrading to 1.19, read theKubernetes 1.19 Release Notes especially theUrgent upgrade notes.

See below for notable changes and features in version 1.19.

Change

kube-proxy now usesEndpointSlices by default.

Issue

Service API objects with more than 100 ports do not work correctly withEndpointSlices (https://issue.k8s.io/99382). This will be resolved in version1.19.9-gke.600, and automatic upgrades from 1.18 to 1.19 will not begin untilthis issue is resolved.

April 06, 2021

Change

Versions no longer available

The following versions are no longer available for new clusters or upgrades:

  • Versions 1.15 and earlier.
Change

(2021-R11) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.16-gke.502 is now the default version.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.17 to version1.18.16-gke.502 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.18 to version1.18.16-gke.502 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.8-gke.2000 is now the default version.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.19.8-gke.1600
    • 1.20.4-gke.2200
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.18 to version1.19.8-gke.2000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.19 to version1.19.8-gke.2000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to version1.20.5-gke.100 with this release.

March 29, 2021

Change

(2021-R10) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.17-gke.2800 is now the default version.
  • The following versions are now available:
  • The following versions are no longer available:
    • 1.15.12-gke.6002
    • 1.16.15-gke.10600
    • 1.16.15-gke.11800
    • 1.16.15-gke.7801
    • 1.17.15-gke.800
    • 1.17.17-gke.1100
    • 1.18.12-gke.1210
    • 1.18.14-gke.1200
    • 1.18.14-gke.1600
    • 1.18.15-gke.1100
    • 1.18.15-gke.1102
    • 1.18.15-gke.1500
    • 1.18.16-gke.1200
    • 1.18.16-gke.500
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversions 1.17 and earlier to version1.17.17-gke.2800 with this release.
  • Control planes and nodes with auto-upgrade enabled will be upgraded fromversion 1.18 to version1.18.16-gke.302 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.17-gke.2800 is now the default version in the Stable channel.
  • The following versions are no longer available in the Stable channel:
    • 1.16.15-gke.7801
    • 1.17.17-gke.1101
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from versions 1.17 and earlier to version1.17.17-gke.2800 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.16-gke.302 is now the default version in the Regular channel.
  • Version1.18.16-gke.502 is now available in the Regular channel.
  • The following versions are no longer available in the Regular channel:
    • 1.18.15-gke.1501
    • 1.18.15-gke.1502
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.18 to version1.18.16-gke.302 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.8-gke.1600 is now the default version in the Rapid channel.
  • The following versions are now available in the Rapid channel:
  • The following versions are no longer available in the Rapid channel:
    • 1.19.8-gke.1000
    • 1.20.4-gke.1800
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.19 to version1.19.8-gke.1600 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to version1.20.4-gke.2200 with this release.

March 24, 2021

Change

Theeurope-central2regionin Warsaw is now available.

March 23, 2021

Feature

Workload Identity for Windows Servernodes is now available in GKE versions 1.18.16-gke.1200, 1.19.8-gke.1300, 1.20.4-gke.1500, and later.

Change

Windows Server, version 1909 is reachingend of support on May 11, 2021. Newer WindowsServer image versions are available in GKE versions 1.19.8-gke.1600+ and1.20.4-gke.500+.

Announcement

Starting tomorrow, March 24, 2021, the mechanism we use to create GKE releasenotes will change. Although this change does not affect the content of thenotes, it does affect the presentation and underlying syntax. If you subscribeto the XML feed for this page, entries for March 24 and earlier will be updatedas a result of changes to formatting and syntax; the content itself did notchange.

The feed URL will also change fromhttps://cloud.google.com/feeds/kubernetes-engine-release-notes.xmltohttps://cloud.google.com/feeds/gke-main-release-notes.xml. We willautomatically redirect from the old URL to the new one.

March 19, 2021

Feature

Added support formultiple pod CIDRs(available inPreview)which allows users to specify a different Pod CIDR for a new node pool than theone specified during cluster creation. This alleviates the problem of runningout of Pod IP addresses for under provisioned clusters.

Feature

You can dynamically update the network tags, node labels and node taints of anexisting GKE node pool. This feature is available inPreview.For more information, seeApplying updates to node pool metadata.

Feature

Google canonical error codes are now available in GA. GKE operations now use thecanonical error model to report errors.

March 16, 2021

Feature

All ports(Preview) isavailable for internal load balancer Services on GKE. All ports lets you openmore than 5 ports on a TCP/UDP load balancer that is being used with GKE. Thisfeature is in Preview for new GKE clusters on version 1.18 and is automaticallyenabled when subsetting is enabled on the GKE cluster.

Change

(2021-R9) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.17-gke.2800 is now available in the Stable channel.
  • Control planes and nodes with auto-upgrade enabled in the Stable channelwill be upgraded from versions 1.17 and earlier to version1.17.17-gke.1101 with this release.
  • Version 1.17.17-gke.1100 is no longer available in the Stable channel.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.15-gke.1501 is now the default version in the Regular channel.
  • Version1.18.15-gke.1502 is now available in the Regular channel.
  • Version1.18.16-gke.302 is now available in the Regular channel.
  • Control planes and nodes with auto-upgrade enabled in the Regular channelwill be upgraded from version 1.18 to version1.18.15-gke.1501 with this release.
  • Version 1.18.12-gke.1210 is no longer available in the Regular channel.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.8-gke.1000 is now the default version in the Rapid channel.
  • Version1.19.8-gke.1600 is now available in the Rapid channel.
  • Version1.20.4-gke.1800 is now available in the Rapid channel.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.19 to version1.19.8-gke.1000 with this release.
  • Control planes and nodes with auto-upgrade enabled in the Rapid channelwill be upgraded from version 1.20 to version1.20.4-gke.1800 with this release.
  • Version 1.19.7-gke.2503 is no longer available in the Rapid channel.
  • Version 1.20.4-gke.400 is no longer available in the Rapid channel.
Feature

Internal TCP/UDP load balancer subsetting(Preview) isavailable on GKE. With subsetting, GKE clusters using internal load balancerServices can scale beyond 250 nodes. This feature is in Preview for new GKEclusters on version 1.18 and existing clusters on version 1.19. Subsettingremoves thecurrent node scale limitationsassociated with GKE internal TCP/UDP load balancers.

March 10, 2021

Feature

40 Kubernetes metricsas part ofCloud Operations for GKEare now generally available.

Change

Starting in version 1.19.8-gke.1000, in the Rapid release channel, the--can-ip-forward flag is disabled for all new clusters. Existing VPC-nativeclusters when upgraded to 1.19.8-gke.1000 will set the--can-ip-forward flagtodisabled.

March 05, 2021

Change

(2021-R8) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.17-gke.1101 is now available in the Stable channel. This version is now the default.
  • Auto-upgrading nodes and control planes in the Stable channel upgrade fromversions 1.17 and earlier to version1.17.17-gke.1100 with this release.
  • Version 1.15.12-gke.6002 is no longer available in the Stable channel.
  • Version 1.16.15-gke.7800 is no longer available in the Stable channel.
  • Version 1.17.15-gke.800 is no longer available in the Stable channel.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.15-gke.1501 is now available in the Regular channel.
  • Version 1.18.15-gke.1102 is no longer available in the Regular channel.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.7-gke.2503 is now available in the Rapid channel. This version is now the default.
  • Version1.19.8-gke.1000 is now available in the Rapid channel.
  • Version1.20.4-gke.400 is now available in the Rapid channel.
  • Auto-upgrading nodes and control planes in the Rapid channel upgrade fromversion 1.19 to version1.19.7-gke.2503 with this release.
  • Auto-upgrading nodes and control planes in the Rapid channel upgrade fromversion 1.20 to version1.20.4-gke.400 with this release.
  • Version 1.19.7-gke.1500 is no longer available in the Rapid channel.
  • Version 1.20.2-gke.2500 is no longer available in the Rapid channel.

March 02, 2021

Feature

Starting with GKE version 1.19.7-gke.2000 (minimum GKE node version: 1.18.12-gke.1203, 1.19.6-gke.800), the Compute Engine persistent disk Container StorageInterface (CSI) Driver for Windows(Preview) isavailable in GKE. This feature allows you to take advantage of the latestpersistent disk features without having to manually manage the CSI driverlifecycle. The CSI driver provides access to features such as volume snapshotand volume expansion. For more information, seeUsing the Compute Engine persistent disk CSI Driver.

Feature

The GKEService Level Agreement now covers the Regular channel for both Standard and Autopilot modesof operation.

February 25, 2021

Feature

You can now create clusters using the Autopilot mode. Autopilotis a new mode of operation in GKE that is designed to reducethe operational cost of managing clusters, optimize your clusters forproduction, and yield higher workload availability. For more information, seetheAutopilot overviewandblog post.

Change

1.20 available in the Rapid channel

Kubernetes 1.20 is now available in the Rapid channel. Before upgrading to1.20.2-gke.2500, read theKubernetes 1.20 ReleaseNotes especially theUrgent upgrade notes andDeprecations sections.

Change

(2021-R7) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.15-gke.1102 is now available in the Regular channel.
  • Version 1.18.12-gke-1206 is no longer available in the Regular channel.
  • Auto-upgrading control planes in the Regular channel automatically upgradefrom version 1.18 to version1.18.12-gke.1210 with this release.
  • Auto-upgrading nodes in the Regular channel automatically upgrade fromversion1.18.12-gke.1210 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.7-gke.1500 is the new default version in the Rapid channel.
  • Version1.19.7-gke.2503 is now available in the Rapid channel.
  • Version1.20.2-gke.2500 is now available in the Rapid channel. Before upgrading to 1.20.2-gke.2500,read the1.20 available in the Rapid channel sectionin the release notes.
  • Version 1.19.7-gke.1302 is no longer available in the Rapid channel.
  • Auto-upgrading control planes in the Rapid channel automatically upgradefrom version 1.19 to version1.19.7-gke.1500 with this release.
  • Auto-upgrading control planes in the Rapid channel automatically upgradefrom version 1.20 to version1.20.2-gke.2500 with this release.
  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.19 to version1.19.7-gke.1500 with this release.
  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.20 to version1.20.2-gke.2500 with this release.
Change

RuntimeClass graduated to GA in version 1.20: Thenode.k8s.io/v1beta1 RuntimeClass API has graduated tonode.k8s.io/v1 withno changes. API clients and manifests should switch to using thenode.k8s.io/v1API after version 1.20. Thenode.k8s.io/v1beta1 API is deprecated and will nolonger be served starting in version 1.25.

Change

Starting in version 1.20, timeouts on exec probes are honored, anddefault to 1 second if unspecified. If you have Pods using exec probes, ensurethat they can easily complete in 1 second or explicitly set an appropriatetimeout. For more information, seeConfigureProbes.

Change

As of version 1.20, the kubelet no longer creates thetarget_path forNodePublishVolume in accordance with the CSI spec. If you have self-managed CSIdrivers deployed in your cluster, ensure that they are idempotent and do anynecessary mount creation or verification. For more information, see Kubernetesissue#88759.

Change

Themetadata.selfLink field,deprecated since version 1.16, is no longer populated in version 1.20. See Kubernetesissue #1164 for details. A related bug in thek8s.io/client-golibrary in theGetReference function was fixed in versions 0.15.9 or later, 0.16.4 orlater, and 0.17.0 or later. Clients using theGetReference function shouldupgrade to one of those versions ofclient-go or newer in order to workcorrectly against an API Server running version 1.20 or later.

Fixed

Non-deterministic treatment of objects with invalidownerReferences was fixed in version 1.20. Run thekubectl-check-ownerreferences tool prior to upgrade to locate existing objects with invalidownerReferences.

  • A namespaced object with anownerReference to another namespaced objectwhich does not exist in the same namespace is now consistently treated ashaving a missing owner and is deleted.

  • A cluster-scoped object with anownerReference to a namespaced object isnow consistently treated as having an unresolvable owner, and is ignoredby the garbage collector.

  • Starting in version 1.20, when a namespace mismatch between a child and ownerobject is detected, an event with a reason code ofOwnerRefInvalidNamespace is recorded.

February 22, 2021

Feature
Issue

Customers using the Config Connector add-on with private clusters might see anissue with all resource requests timing out. Affected customers must manuallycreate a firewall rule that allows your cluster control plane to initiate TCPconnections to your nodes on port 9443. For more information, seeAdding firewall rules for specific use cases.This issue will be fixed in a future release.

Change

This note was updated on March 2, 2021. The issue with the Config Connectoradd-on with private clusters is a known issue, not a fixed issue.

Fixed

GKE version 1.19.7-gke.1500 contains a fix for a performanceissue in NodeLocal DNSCache. For more information, seeNodeLocalDNS timeout errors.

February 17, 2021

Change

This note was updated on March 3, 2021. Version 1.15.12-gke.6002 is stillavailable in the Stable channel for R6.

Feature

Multi-cluster Services(MCS) is now Generally Available (GA) for GKE versions 1.17 and later. MCSprovides a Kubernetes-native interface to build Kubernetes applications thatspan multiple clusters.

MCS enables existing Services to be discoverable and accessible across clusterswith a virtual IP, matching the behavior of aClusterIP Serviceaccessible in a cluster.

Change

(2021-R6) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.16.15-gke.11800 is now available.
  • Version1.17.17-gke.1500 is now available.
  • Version1.18.15-gke.1500 is now available.
  • Version 1.15.12-gke.6002 is no longer available.
  • Version 1.16.15-gke.6000 is no longer available.
  • Version 1.16.15-gke.6900 is no longer available.
  • Version 1.16.15-gke.7300 is no longer available.
  • Version 1.17.14-gke.1600 is no longer available.
  • Version 1.17.15-gke.300 is no longer available.
  • Version 1.18.12-gke.1205 is no longer available.
  • Version 1.18.15-gke.800 is no longer available.
  • Auto-upgrading control planes automatically upgrade from version 1.15 toversion1.16.15-gke.7800 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.12-gke.1206 is now available in the Regular channel. This version is now the default.
  • Version 1.17.14-gke.1600 is no longer available in the Regular channel.
  • Version 1.17.15-gke.800 is no longer available in the Regular channel.
  • Auto-upgrading control planes in the Regular channel automatically upgradefrom version 1.17 to version1.18.12-gke.1206 with this release.
  • Auto-upgrading nodes in the Regular channel automatically upgrade fromversion 1.17 to version1.18.12-gke.1206 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.19.7-gke.1302 is now available in the Rapid channel. This version is now the default.
  • Version1.19.7-gke.1500 is now available in the Rapid channel.
  • Version 1.18.12-gke.1206 is no longer available in the Rapid channel.
  • Version 1.19.7-gke.800 is no longer available in the Rapid channel.
  • Auto-upgrading control planes in the Rapid channel automatically upgradefrom version 1.18 to version1.19.7-gke.1302 with this release.
  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.18 to version1.19.7-gke.1302 with this release.
Fixed

GKE version 1.16.15-gke.11800 contains a fix for thecertificate update issueinInternal Ingress.

Change

The COS image for GKE 1.16 clusters is nowcos-77-12371-1109-0.

February 16, 2021

Fixed

For clusters using a 1.19 version, with theContainer-Optimized OS with Containerd (cos_containerd)node image, the issue wheredockerd (the Docker Daemon) is not running at boot is now fixed.

February 09, 2021

Change

(2021-R5) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.15-gke.800 is now available. This version is now the default.
  • Version1.16.15-gke.11000 is now available.
  • Version1.17.17-gke.1100 is now available.
  • Version1.18.12-gke.1210 is now available.
  • Version1.18.15-gke.1100 is now available.
  • Version 1.16.15-gke.4901 is no longer available.
  • Version 1.17.14-gke.400 is no longer available.
  • Auto-upgrading control planes automatically upgrade from version 1.15 toversion1.16.15-gke.6000 with this release.
  • Auto-upgrading control planes automatically upgrade from version 1.16 toversion1.17.15-gke.800 with this release.
  • Auto-upgrading control planes automatically upgrade from version 1.17 toversion1.17.15-gke.800 with this release.
  • Auto-upgrading nodes automatically upgrade from version 1.15 to version 1.17.15-gke.800 with this release.version1.17.15-gke.800 with this release.
  • Auto-upgrading nodes automatically upgrade from version 1.16 to version1.17.15-gke.800 with this release.
  • Auto-upgrading nodes automatically upgrade from version 1.17 to version1.17.15-gke.800 with this release.
  • Auto-upgrading nodes automatically upgrade from version 1.18 to version1.18.12-gke.1206 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.15-gke.800 is now available in the Stable channel. This version is now the default.
  • Version 1.17.14-gke.1600 is no longer available in the Stable channel.
  • Auto-upgrading control planes in the Stable channel automatically upgradefrom version 1.15 to version1.16.15-gke.6000 with this release.
  • Auto-upgrading control planes in the Stable channel automatically upgradefrom version 1.16 to version1.17.15-gke.800 with this release.
  • Auto-upgrading control planes in the Stable channel automatically upgradefrom version 1.17 to version1.17.15-gke.800 with this release.
  • Auto-upgrading nodes in the Stable channel automatically upgrade fromversion 1.15 to version1.17.15-gke.800 with this release.
  • Auto-upgrading nodes in the Stable channel automatically upgrade fromversion 1.16 to version1.17.15-gke.800 with this release.
  • Auto-upgrading nodes in the Stable channel automatically upgrade fromversion 1.17 to version1.17.15-gke.800 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.15-gke.800 is now available in the Regular channel. This version is now the default.
  • Version1.18.12-gke.1210 is now available in the Regular channel.
  • Version 1.18.12-gke.1205 is no longer available in the Regular channel.
  • Auto-upgrading nodes in the Regular channel automatically upgrade fromversion 1.17 to version1.17.15-gke.800 with this release.
  • Auto-upgrading nodes in the Regular channel automatically upgrade fromversion 1.18 to version1.18.12-gke.1206 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.12-gke.1210 is now available in the Rapid channel. This version is now the default.
  • Version1.19.7-gke.1302 is now available in the Rapid channel.
  • Version 1.18.12-gke.1205 is no longer available in the Rapid channel.
  • Version 1.19.6-gke.1700 is no longer available in the Rapid channel.
  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.18 to version1.18.12-gke.1206 with this release.
  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.19 to version1.19.7-gke.800 with this release.
Change

February 10, 2021 updates: The node auto-upgrade from 1.15 to version1.16.15-gke.6000 was removed from the Stable channel. The version1.17.14-gke.1600 is no longer available in the Stable channel.

Change

February 23, 2021 updates: The control plane auto-upgrade from1.15 to 1.16.15-gke.6000 was added to the Stable and No channels. The controlplane auto-upgrade from 1.16 and 1.17 to 1.17.15-gke.800 was added to the Stableand No channels. The node upgrades from 1.15, 1.16, and 1.17 to version1.17.15-gke.800 were added to the Stable and No channels.

February 05, 2021

Feature

E2 is now the default machine type for node auto-provisioning. To continue using the N1 machine type, usethecloud.google.com/machine-family node selector. This change applies toclusters using a 1.19 version.

Feature

By default, newly created clusters are enrolled in the Regularrelease channelwhen the following flags are not specified:--cluster-version,--release-channel,--no-enable-autoupgrade, and--no-enable-autorepair.

Feature

Node auto-provisioning supports the machine-family toleration by choosing the custom machine family for creating the node pool. This change applies to clusters using a 1.19 version.

Feature

Cluster Autoscaler now scales from 0 node pools, if Pods require ephemeralstorage. However, scaling from 0 node pools remains unsupported for node poolsthat useephemeral storage on local SSDs, as opposed tothe boot disk. Node auto-provisioning scales up for Pods that explicitly requireephemeral storage. This change applies to clusters using a 1.19 version.

February 02, 2021

Change

This note was updated on February 10, 2021. The node auto-upgrade from 1.15 toversion 1.16.15-gke.6000 was removed from the No channel and Stable channel.

Change

(2021-R4) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.12-gke.1206 is now available in the Rapid channel.
  • Version1.19.7-gke.800 is now available in the Rapid channel.
  • Version 1.19.6-gke.600 is no longer available in the Rapid channel.
  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.19 to version1.19.6-gke.1700 with this release.

January 28, 2021

Change

2021-04-07 update: Added a previously reported security bulletin to this releases note.

Issue

For clusters using a 1.19 version, with theContainer-Optimized OS with Containerd (cos_containerd)node image,dockerd (the Docker Daemon) is not running at boot. It needs to be started manually.This issue will be fixed in a future release.

Security

A vulnerability was recently discovered in the Linux utilitysudo, described inCVE-2021-3156, that may allow an attacker with unprivileged local shell access on a system with withsudoinstalled to escalate their privileges to root on the system. GKE clusters are not affected by this vulnerability. For more information, see theGCP-2021-001 security bulletin.

January 25, 2021

Change

(2021-R3) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

There are no new releases in the Stable release channel.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.14-gke.1600 is now available in the Regular channel. This version is now the default.
  • Version 1.17.14-gke.400 is no longer available in the Regular channel.
  • Auto-upgrading nodes in the Regular channel automatically upgrade fromversion 1.17 to version1.17.14-gke.1600 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

January 22, 2021

Change

Support forLegacy LoggingandLegacy Monitoringfor GKE is extended to GKE versions 1.16 and 1.17.Cloud Operations for GKEremains the default configuration for GKE 1.16 and 1.17. Bothexisting and new 1.16 and 1.17 clusters can use either of the two logging options.

Change

GKE will gradually begin using theKonnectivity service for versions 1.19.4-gke.200 and later. Konnectivity replaces SSHtunnels between the control plane and nodes with a more secure TCP proxy. Thechange will first be introduced for non-private clusters.

Feature

Multidimensional Pod autoscaling is now available in beta in the Rapid releasechannel. With this feature, you can use horizontal scaling based on CPU andvertical scaling based on memory at the same time. To learn more, seeConfiguring multidimensional Pod autoscaling.

Change

The Ubuntu image for GKE 1.16 clusters isnowubuntu-gke-1804-1-16-v20201116.

This version includes the following improvements:

  • USN-4627-1 CVEs is fixed
  • A patch for the GPU driver installer for Ubuntu withcontainerd

January 19, 2021

Change

1.19 available in the Rapid channel

Kubernetes 1.19 is now available in Rapid channel. Before upgrading to1.19.6-gke.600, readKubernetes 1.19 Release Notes especially theUrgent upgrade notes section.

Feature

The CertificateSigningRequest API has graduated tocertificates.k8s.io/v1 inKubernetes 1.19. The v1beta1 CertificateSigningRequest API is deprecated andwill no longer be served in 1.22+.

Clusters with Google Cloud's operations suite enabled can use the followingquery to identify clients that access the CertificateSigningRequest v1beta1APIs:

resource.type="k8s_cluster"resource.labels.cluster_name="$CLUSTER_NAME"protoPayload.authenticationInfo.principalEmail:("system:serviceaccount"OR"@")protoPayload.request.apiVersion="certificates.k8s.io/v1beta1"NOT("kube-system")

Identify and transition clients and manifests using the v1beta1CertificateSigningRequest API to usecertificates.k8s.io/v1 before 1.21 isreleased on GKE (approximately in June 2021), then verifying noclients are using the v1beta1 API during the 1.21 timeframe. Workloads usingthe v1beta1 API need to be upgraded before your cluster is upgraded toGKE 1.22.

Differences between the v1beta1 and v1 API are as follows:

  • For API clients requesting certificates:

    • spec.signerName is now required, and requests forkubernetes.io/legacy-unknown are notallowed to be created using thecertificates.k8s.io/v1 API
    • spec.usages is now required, cannot contain duplicate values,and must only contain known usages

  • For API clients approving or signing certificates:

    • status.conditions cannot contain duplicate types
    • status.conditions[*].status is now required
    • status.certificate must be PEM-encoded, and must contain onlyCERTIFICATE blocks
Change

(2021-R2) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.14-gke.1600 is now available in the Stable channel.
  • Version 1.17.14-gke.1200 is no longer available in the Stable channel.
  • Auto-upgrading nodes in the Stable channel automatically upgrade fromversion 1.15 to version1.16.15-gke.6000 with this release.
  • Auto-upgrading nodes in the Stable channel automatically upgrade fromversion 1.17 to version1.17.14-gke.1600 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.14-gke.1600 is now available in the Regular channel.
  • Version1.18.12-gke.1205 is now available in the Regular channel.
  • Version 1.17.14-gke.1200 is no longer available in the Regular channel.
  • Auto-upgrading nodes in the Regular channel automatically upgrade fromversion 1.18 to version1.18.12-gke.1205 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.12-gke.1205 is now available in the Rapid channel. This version is now the default.
  • Version1.19.6-gke.600 is now available in the Rapid channel. Before upgrading to 1.19.6-gke.600,read the1.19 available in the Rapid channelsection in the release notes.
  • Version 1.18.12-gke.1200 is no longer available in the Rapid channel.
  • Version 1.18.12-gke.1202 is no longer available in the Rapid channel.
  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.18 to version1.18.12-gke.1205 with this release.
  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.19 to version1.19.6-gke.600 with this release.
Change

Basic authentication with a passwordhas been removed in Kubernetes 1.19. Clusters upgraded to 1.19 can no longer usebasic authentication to authenticate users to the control plane.

Feature

Seccomp (secure computing mode) support for Kubernetes has graduated to GeneralAvailability (GA). This feature can be used to increase the workload security byrestricting the system calls for a Pod (applies to all containers) or individualcontainers.

A newseccompProfile field is added to Pod and Container securityContextobjects, starting in Kubernetes 1.19.

securityContext:seccompProfile:# "Unconfined", "RuntimeDefault", or "Localhost"type:Localhost# only necessary if type == LocalhostlocalhostProfile:my-profiles/profile-allow.json

The alpha seccomp annotationsseccomp.security.alpha.kubernetes.io/pod andcontainer.seccomp.security.alpha.kubernetes.io/…are deprecated in favor of theGA API field. The alpha annotations will not be honored in Kubernetes 1.22+.

If you are currently using Seccomp annotations on Pods or Containers, you shouldidentify and transition workloads using the annotations to set the API fieldsbefore 1.21 is released on GKE (approximately in June 2021). Nochange on PodSecurityPolicy is required, as it supportsboth annotation and field seccomp profiles.You can follow the recommended steps below:

  1. Locate Seccomp annotation usages. In your Kubernetes manifest files, searchfor "seccomp.security.alpha.kubernetes.io/pod" and"container.seccomp.security.alpha.kubernetes.io/"".

  2. Add or update securityContext fields. Based on your annotation usage, add orupdate (if securityContext already exists) the securityContext field in Pod orContainer spec. The annotations can be left in place, but must match thesecurityContext API field.

    Current annotation usageAdd or update securityContext
    seccomp.security.alpha.kubernetes.io/podIn Pod's securityContext, add seccompProfile field.
    container.seccomp.security.alpha.kubernetes.io/CONTAINER_NAMEInCONTAINER_NAME's securityContext, add seccompProfile field.

  3. Set values for seccompProfile. Thetype field of seccompProfile correspondsto the annotation value, andlocalhostProfile field corresponds to the pathfollowinglocalhost annotation value.

    Current annotation valueseccompProfile value
    unconfinedseccompProfile:
    type: Unconfined
    runtime/default
    ordocker/default    		seccompProfile:
    type: RuntimeDefault
    localhost/path/to/profile.jsonseccompProfile:
    type: Localhost
    localhostProfile: path/to/profile.json

For more details, see the following pages:

Feature

The widely usedIngress API has graduated to general availability in Kubernetes 1.19. The v1beta1 IngressAPI is deprecated, and will no longer be served in 1.22+. Before 1.21,identify and transition clients and manifests using the v1beta1 Ingress API tousenetworking.k8s.io/v1.

Clusters with Google Cloud's operations suite enabled can use the followingquery to identify clients that access the Ingress v1beta1 APIs:

resource.type="k8s_cluster"resource.labels.cluster_name="$CLUSTER_NAME"protoPayload.authenticationInfo.principalEmail:("system:serviceaccount"OR"@")protoPayload.request.apiVersion=("extensions/v1beta1"OR"networking.k8s.io/v1beta1")protoPayload.request.kind="Ingress"NOT("kube-system")

Identify and transition clients and manifests using the v1beta1 Ingress APIs tousenetworking.k8s.io/v1 before 1.21 is released on GKE(approximately in June 2021), then verify no clients are using the v1beta1 APIduring the 1.21 timeframe. Workloads using the v1beta1 APIs need to be upgradedbefore your cluster is upgraded to GKE 1.22.

To migrate manifests to networking.k8s.io/v1:

  1. Rename thespec.backend field (if specified) tospec.defaultBackend
  2. Rename eachbackend.serviceName field tobackend.service.name
  3. Rename each numericbackend.servicePort field tobackend.service.port.number
  4. Rename each stringbackend.servicePort field tobackend.service.port.name
  5. Specify apathType field for each defined path. Options arePrefix,Exact, andImplementationSpecific. To match the undefined v1beta1behavior, useImplementationSpecific.

As an example, to migrate this v1beta1 manifest to v1:

v1beta1 manifest

apiVersion:networking.k8s.io/v1beta1kind:Ingressmetadata:name:examplespec:backend:serviceName:default-backendservicePort:80rules:-http:paths:-path:/testpathbackend:serviceName:testservicePort:80

v1 manifest

apiVersion:networking.k8s.io/v1kind:Ingressmetadata:name:examplespec:defaultBackend:service:name:default-backendport:number:80rules:-http:paths:-path:/testpathpathType:ImplementationSpecificbackend:service:name:testport:number:80

January 11, 2021

Feature

In all GKE versions 1.14 or later,Google Cloud's operations suite for GKEadds two new options for configuring which logs and metrics are collected:

  1. System and workload logging only (Monitoring disabled).
  2. System monitoring only (Logging disabled).
Feature

TheCompute Engine persistent disk Container Storage Interface (CSI)Driveris now generally available in GKE. It allows you to take advantage of the latestpersistent disk features without having to manually manage the CSI driverlifecycle.

For newly created clusters, the Compute Engine persistent disk CSI Driver isinstalled by default for the following cluster versions:

  • 1.18.10-gke.2101 and later
  • 1.19.3-gke.2100 and later

For all clusters, PersistentVolumeClaims created without specifying aStorageClass will continue to trigger volume provisioning using the in-treegcePersistentDisk volume plugin. Only StorageClasses that reference theprovisioner namepd.csi.storage.gke.io will provision using the CSI driver. Fordetails, refer toUsing the Compute Engine persistent disk CSI Driver.

January 08, 2021

Change

(2021-R1) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.16.15-gke.6000 is now available. This version is now the default.
  • Version1.17.14-gke.400 is now available.
  • Version 1.14.10-gke.50 is no longer available.
  • Version 1.14.10-gke.902 is no longer available.
  • Version 1.14.10-gke.1504 is no longer available.
  • Version 1.15.12-gke.20 is no longer available.
  • Version 1.15.12-gke.4000 is no longer available.
  • Version 1.15.12-gke.4002 is no longer available.
  • Version 1.15.12-gke.5000 is no longer available.
  • Version 1.15.12-gke.6001 is no longer available.
  • Version 1.16.15-gke.4300 is no longer available.
  • Version 1.16.15-gke.4301 is no longer available.
  • Version 1.16.15-gke.5500 is no longer available.
  • Version 1.17.13-gke.2001 is no longer available.
  • Auto-upgrading nodes in the no channel automatically upgrade from version1.14 to version1.15.12-gke.6002 with this release.
  • Auto-upgrading nodes in the no channel automatically upgrade from version1.16 to version1.16.15-gke.6000 with this release.
  • Auto-upgrading nodes in the no channel automatically upgrade from version1.17 to version1.17.14-gke.400 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.16.15-gke.6000 is now available in the Stable channel. This version is now the default.
  • Version1.17.14-gke.1200 is now available in the Stable channel.
  • Version 1.15.12-gke.20 is no longer available in the Stable channel.
  • Version 1.15.12-gke.6001 is no longer available in the Stable channel.
  • Version 1.16.15-gke.4300 is no longer available in the Stable channel.
  • Version 1.16.15-gke.4301 is no longer available in the Stable channel.
  • Version 1.16.15-gke.4901 is no longer available in the Stable channel.
  • Version 1.16.15-gke.5500 is no longer available in the Stable channel.
  • Auto-upgrading nodes in the Stable channel automatically upgrade from version 1.16 to version1.16.15-gke.6000 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.14-gke.400 is now available in the Regular channel. This version is now the default.
  • Version 1.17.13-gke.2600 is no longer available in the Regular channel.
  • Auto-upgrading nodes in the Regular channel automatically upgrade fromversion 1.17 to version1.17.14-gke.400 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.12-gke.1201 is now available in the Rapid channel. This version is now the default.
  • Version1.18.12-gke.1205 is now available in the Rapid channel.
  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.18 to version1.18.12-gke.1201 with this release.
Issue

We have discovered an issue withInternal Ingresson GKE that may require your actionif you have HTTPS enabled (either through pre-sharedcertificates or Kubernetes Secrets). This issue does not affectExternal Ingressresources orMultiClusterIngressresources.

What do I need to know?

For internal Ingress on GKE versions 1.17.x and earlier, there is a known issueconcerning SSL Certificate Updates on internal Ingress resources. Updating thecertificate is not possible for pre-shared or Secrets-based certificates (whichincludes Kubernetes certificate managers). Updates to existing certificates oninternal Ingress resources will not complete if attempting to update the Ingressresource.

In order to replace the certificate on an existing Ingress, the Ingress must bedeleted and re-deployed. Manual updates using thegcloud compute target-https-proxies update allow a certificate to be updatedon an existing Ingress without recreation, but any manual updates areoverwritten by the Ingress controller if the Ingress is updated again.

What do I need to do?

If you intend to update your TLS Spec or Pre-shared Cert Spec on yourInternal Ingress, you must do so bydeleting your Ingressand recreating it as soon as possible, until you are able to upgrade to apatched version. Versions 1.16 are expected to be patched this month.

December 17, 2020

Feature

Internal Ingressfor Internal HTTP(S) Load Balancing is now GA for1.17.13-gke.2600+ and 1.18.10-gke.800+.Note that thecertificate update issue is now patchedin these GA versions. Internal Ingress for GKE 1.16 will be patched in anupcoming release.

December 14, 2020

Change

Node image changes

Change

(R41) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.16.15-gke.7300 is now available.
  • Version1.17.14-gke.1600 is now available.
  • Auto-upgrading nodes in the no channel automatically upgrade from version1.14 to version1.15.12-gke.6001 with this release.
  • Auto-upgrading nodes in the no channel automatically upgrade from version1.16 to version1.16.15-gke.4300 with this release.
  • Auto-upgrading nodes in the no channel automatically upgrade from version1.17 to version1.17.13-gke.2600 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.16.15-gke.4901 is now available in the Stable channel. This version is now the default.
  • Auto-upgrading nodes in the Stable channel automatically upgrade fromversion 1.16 to version1.16.15-gke.4300 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.13-gke.2600 is now available in the Regular channel. This version is now the default.
  • Auto-upgrading nodes in the Regular channel automatically upgrade fromversion 1.17 to version1.17.13-gke.2600 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
Fixed

When usingephemeral storage on local SSDs, reserved space is now calculated from the number of SSDs, instead of the size ofthe boot disk. Learn more atAllocatable local ephemeral storage resources.

December 08, 2020

Deprecated

With the release of GKE node version 1.19, the Container-Optimized OS withDocker (cos) variant is deprecated. Please migrate to the Container-OptimizedOS with Containerd (cos_containerd) variant, which is now the default GKE nodeimage. For instructions, seeContainerd images.

December 07, 2020

Change

(R40) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.12-gke.1200 is now available in the Rapid channel.
  • Version 1.18.12-gke.300 is now the default in the Rapid channel.
  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.18 to version1.18.12-gke.300 with this release.
  • Version 1.18.10-gke.2701 is no longer available in the Rapid channel.

December 01, 2020

Change

(R39) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.16.15-gke.4301 is now available.
  • Version1.16.15-gke.6000 is now available.
  • Version1.17.13-gke.1401 is now available.

  • Version1.17.14-gke.400 is now available.

    This release setssysctl net.netfilter.nf_conntrack_tcp_be_liberal=1 onthe node image. This discourages netfilter from resetting TCP connections.

  • Version1.19.4-gke.700 is now available.

    This version is available in preview. Before creating GKE v1.19 clusters,youmust review theknown issues andurgent upgrade notes.

  • Version 1.19.3-gke.2100 is no longer available.

  • Version 1.19.3-gke.2700 is no longer available.

  • Auto-upgrading nodes in the no channel automatically upgrade from version1.17 to version1.17.13-gke.1401 with this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.13-gke.1401 is now available in the Regular channel.
  • Version 1.17.13-gke.1400 is no longer available in the Regular channel.
  • Auto-upgrading nodes in the Regular channel automatically upgrade fromversion 1.17 to version1.17.13-gke.1401 with this release.
  • 1.17.13-gke.2001 is now the default version in the Regular channel.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.12-gke.300 is now available in the Rapid channel. This version is now the default.
  • Version 1.18.10-gke.2701 is now the default version in the Rapid channel.
  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.18 to version1.18.10-gke.2701 with this release.
  • Version 1.18.10-gke.2101 is no longer available in the Rapid channel.

November 24, 2020

Change

The November 17, 2020 release removed the following GKE versions:

  • Version 1.16.13-gke.401 is no longer available.
  • Version 1.19.3-gke.1500 is no longer available.
  • Version 1.16.13-gke.401 is no longer available in the Stable channel.
  • Version 1.17.12-gke.1504 is no longer available in the Regular channel.
  • Version 1.18.10-gke.1500 is no longer available in the Rapid channel.

November 17, 2020

Change

This note was updated on November 24, 2020.

Change

(R38) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.10-gke.2701 is now available in the Rapid channel. This version is now the default.
  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.18 to version1.18.10-gke.2101 with this release.
Fixed

Theissue from September 28, 2020 with Container ThreatDetection on GKE 1.18 is resolved in GKE versions 1.18.9-gke.1300 andlater and 1.19.2-gke.2000 and later.

Change

You can now usebalanced persistent disks(pd-balanced) as a GKE node boot disk type. You create node pools withpd-balanced boot disks using the Cloud SDK and Google Cloud API.

November 13, 2020

Feature

You can now specifycustom network endpoint group (NEG) names.This feature is in beta.

Issue

For internal Ingress on GKE versions earlier than 1.18.10-gke.600 there is aknown issue concerning SSL Certificate Updates on internal Ingress resources.Updating the certificate is not possible for pre-shared or Secrets-basedcertificates (which includes Kubernetes certificate managers). In order toreplace the certificate on an existing Ingress, the Ingress must be deleted andre-deployed. Manual updates using the gcloud compute target-https-proxies updateallow a certificate to be updated, but any manual updates are overwritten by theIngress controller if the Ingress is updated again.

The GKE release notes will be updated when the patch is available.

Feature

HTTPS redirects for Ingressare now in beta. An external HTTP load balancer can redirect unencrypted HTTPrequests to an HTTPS load balancer that uses the same IP address.

Feature

Custom health checksacross all Ingress types for 1.17.12-gke.500+ are now generally available. Withcustom health checks, you specify parameters in a Kubernetes BackendConfig.

Feature

SSL policiesfor GKE external Ingress for 1.17.6-gke.11+ are now generally available. SSLpolicies allow you to specify a set of TLS versions and ciphers that the loadbalancer uses to terminate HTTPS traffic from clients.

November 12, 2020

Change

New clusters created with thev1alpha1 andv1beta1 APIs install theCompute Engine persistent disk Container Storage Interfaceby default (CSI) Driver for the following cluster versions:

  • 1.18.10-gke.2101 and higher
  • 1.19.3-gke.2100 and higher
Change

(R37) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.10-gke.2101 is now available in the Rapid channel.
  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.18 to version1.18.10-gke.1500 with this release.
  • Version 1.18.10-gke.1500 is the new default version in the Rapid channel.

November 06, 2020

Feature

Node pools running GKE 1.18 and higher can now be configured to use local SSDfor ephemeral storage withemptyDir volumes. For more information, seeUsing local SSDs.This feature is in beta.

November 04, 2020

Change

(R36) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

  • Version1.18.10-gke.1500 is now available in the Rapid channel.

    This release setssysctl net.netfilter.nf_conntrack_tcp_be_liberal=1 onthe node image. This discouragesnetfilter from resetting TCP connections.

  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.18 to version1.18.10-gke.601 with this release.

Change

Support for LegacyLoggingandMonitoringfor Google Kubernetes Engine is extended to GKE 1.15. Google Cloud's operationssuite remains the default configuration for GKE 1.15. Both existing and new GKE1.15 clusters can use either of the two logging options.

October 28, 2020

Change

(R35) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.16.15-gke.3500 is now available.
  • Version1.17.13-gke.600 is now available.
  • Version1.19.3-gke.2 is now available.
  • Auto-upgrading nodes and control planes upgrade from version 1.14 toversion 1.15.12-gke.20 during this release.
  • Auto-upgrading nodes and control planes upgrade from version 1.17 toversion 1.17.12-gke.1504 during this release.

Stable channel

There are no new releases in the Stable release channel.

Regular channel

There are no new releases in the Regular release channel.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.10-gke.601 is now available in the Rapid channel.
  • Version 1.18.9-gke.1501 is no longer available in the Rapid channel.
Versions no longer available

The following versions are no longer available for new clusters or cluster upgrades:

  • 1.17.12-gke.1501
  • 1.18.9-gke.1501
Issue

There is a known issue with Config Connector component versions 1.24.0 and1.25.0. Clusters with many resources being managed might fail with error code413 while communicating with Google Cloud.

The following GKE versions are affected:

  • 1.15.12-gke.6001 (R34)
  • 1.16.15-gke.2601 (R34)
  • 1.16.15-gke.3500 (R35)
  • 1.17.12-gke.2502 (R34)
  • 1.17.13-gke.600 (R35)
  • 1.18.9-gke.2501 (R34)

October 20, 2020

Change

(R34) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.16.13-gke.403 is now available in the Stable channel.
  • Auto-upgrading control planes from version 1.15 to version 1.16.13-gke.401during this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.12-gke.1501 is now available in the Regular channel.
  • Version1.17.12-gke.1504 is now available in the Regular channel.
  • Version 1.17.12-gke.1504 is the new default version in the Regular channel.
  • Version 1.17.9-gke.1504 is no longer available in the Regular channel.
  • Version 1.17.9-gke.6300 is no longer available in the Regular channel.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.9-gke.2501 is now available in the Rapid channel.
  • Version 1.18.9-gke.2501 is the new default version for clusters in the Rapid channel.
  • Version 1.18.9-gke.801 is no longer available in the Rapid channel.
Versions no longer available

The following versions are no longer available for new clusters or clusterupgrades:

  • 1.17.9-gke.1504
  • 1.17.9-gke.6300

October 19, 2020

Fixed

A fix for the issue reported onSeptember 16, 2020 wherecustom resources in theistio-system namespace were deleted when upgradingfrom GKE 1.16 to 1.17 and 1.18 is now available.

Upgrade to one of the following unaffected versions to avoid having to manuallyrecreate these resources:

  • 1.17.12-gke.1501 and higher
  • 1.18.9-gke.1501 and higher

The issue only occurs during upgrades, so new clusters created in earlierversions are unaffected.

October 16, 2020

Issue

There is a known issue impacting both LTSC and SAC Windows Server images on GKEversions 1.17.x and 1.18.x. New Windows nodes take longer to join the clusterwhich may cause node pool creation, auto-scaling, and auto-repair operations totime out.

We recommend not upgrading clusters with Windows Server nodes pools to thefollowing versions:

  • 1.17.12-gke.1501
  • 1.18.9-gke.1501

GKE versions beyond the affected versions will not have the startup timeregression. Upgrade to versions greater than 1.17.12-gke.1501 and 1.18.9-gke.1501 when they become available.

October 12, 2020

Change

(R33) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Auto-upgrading nodes and control planes upgrade from 1.14 to version1.15.12-gke.20 during this release.
  • Auto-upgrading control planes from version 1.15 to version 1.16.13-gke.401during this release.

Regular channel

There are no new releases in the Regular release channel.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.9-gke.1501 is now available in the Rapid channel.
  • Version 1.18.9-gke.801 is the new default version for clusters in the Rapidchannel.
  • Version 1.17.9-gke.1504 is no longer available in the Rapid channel.
  • Version 1.18.6-gke.4801 is no longer available in the Rapid channel.
  • Auto-upgrading nodes and control planes upgrade from version 1.17, 1.18 toversion 1.18.9-gke.801 during this release.
Fixed

A newWindows node image versionthat fixesCVE-2020-1472 is now available. For more information, see theGCP-2020-013 security bulletin.

October 06, 2020

Issue

There is a known issue with the upgrade from GKE 1.16 to 1.17. Any customresources you created in theistio-system namespace are deleted during anupgrade to 1.17. These resources must be manually recreated. We recommend notupgrading clusters with the Istio addon to 1.17 until the fix is rolled out. Theissue only occurs during upgrades, so new clusters are not affected.

The fix was not included in release R31 aspreviously reported.

October 02, 2020

Change

(R32) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.15.12-gke.4000 is now available.
  • Version1.16.15-gke.500 is now available.
  • Version1.17.12-gke.500 is now available.
  • Version 1.16.13-gke.401 is the new default version for clusters with no channel.
  • Auto-upgrading control planes upgrade from version 1.14 to version1.14.10-gke.50 during this release.
  • Auto-upgrading control planes upgrade from version 1.15 to version1.15.12-gke.20 during this release.
  • Auto-upgrading nodes control planes upgrade from version 1.16 to version1.16.13-gke.401 during this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version 1.16.13-gke.401 is the new default version in the Stable channel.
  • Auto-upgrading nodes and control planes upgrade from version 1.15 toversion 1.15.12-gke.20 during this release.
  • Auto-upgrading nodes and control planes upgrade from version 1.16 toversion 1.16.13-gke.401 during this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.9-gke.6300 is now available in the Regular channel.
  • Version 1.17.9-gke.1504 is the new default version in the Regular channel.
  • Auto-upgrading control planes upgrade from versions 1.16 and 1.17 toversion 1.17.9-gke.1504 during this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
Versions no longer available

The following versions are no longer available for new clusters or cluster upgrades:

  • 1.15.12-gke.2
  • 1.15.12-gke.9
  • 1.15.12-gke.13
  • 1.15.12-gke.16
  • 1.15.12-gke.17
  • 1.16.13-gke.1
  • 1.16.13-gke.400
Feature

In GKE 1.18 and later, for clusters using anoptimize-utilization autoscaling profile,the scheduler name in the Pod spec is set togke.io/optimize-utilization-scheduler.

September 28, 2020

Issue

IfContainer Threat Detectionis enabled on GKE clusters that have a version of 1.18.6-gke.2100 or later, itcauses all Linux nodes to go into a reboot loop.

September 25, 2020

Announcement

We expect the following changes in the coming weeks. This information is not aguarantee, but is provided to help you plan for upcoming changes.

GKE will gradually upgrade clusters' control planes only to Kubernetes 1.16,beginning on or after October 6, 2020.

Node poolswill not be auto-upgraded to 1.16 at this time, but can bemanually upgraded completing the following instructions.

Once rolled out, 1.16 will become the most mature control plane version in theKubernetes fleet, with newer versions available on the Rapid and Regularchannels. In turn, older control plane versions will be deprecated andeventually removed from the fleet. Periodically deprecating and eventuallyremoving beta APIs is part of a standard process to ensure that all Kubernetesfleets evolve and all APIs continue to be up-to-date.

More information is available in theGKE documentationandfrom the Kubernetes project.

What do I need to do?

  1. Test and qualify 1.16 in a pre-production environment. We highlyrecommend testing upgrades in a staging or testing environment beforerolling them out to production.
  2. Migrate to use the current API versions before your clusters are upgradedto Kubernetes 1.16 to ensure your API clients and resource manifests canaccess and update API resources without interruption.

You can manually upgrade node pools to 1.16:

If you are concerned about disruption,use maintenance windows and exclusions to control when the upgrade will occur.

Issue

If you have the Istio on GKE add-on enabled on a cluster, there is a known issuewith the upgrade from GKE 1.16 to 1.17 versions lower than 1.17.9-gke.6300 (R30or earlier). Any custom resources you created in theistio-system namespaceare deleted during an upgrade to 1.17 (R30 or earlier). These resources must bemanually recreated. We recommend that Istio on GKE users upgrade only to R31 ora later version that doesn't have the issue. The issue only occurs duringupgrades, so new clusters are not affected.

Feature

Node Auto-Provisioningnow lets you set default values for the following features:

  • Customer-managed encryption keys (CMEK)
  • Secure Boot and Integrity Monitoring
  • Boot disk type and size

The default value will be used by all newly created node pools.

Change

(R31) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.9-gke.6300 is now available.
  • Auto-upgrading control planes upgrade from version 1.16 to version1.16.13-gke.401 during this release.
  • Auto-upgrading control planes upgrade from version 1.17 to version1.17.9-gke.1504 during this release.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

There are no new releases in the Regular release channel.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

September 16, 2020

Issue

If you have the Istio on GKE add-on enabled on a cluster, there is a known issuewith the upgrade from GKE 1.16 to 1.17. Any custom resources you created in theistio-system namespace are deleted during an upgrade to 1.17 (R30 or earlier).These resources must be manually recreated. We recommend that Istio on GKE usersdo not upgrade to GKE 1.17 until a patch release fixes the issue. The fix willbe rolled out in GKE release R31.

September 15, 2020

Change

(R30) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version 1.15.12-gke.20 is the new default version for clusters with no channel.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version 1.15.12-gke.20 is the new default version in the Stable channel.
  • Version 1.15.12-gke.2 is no longer available in the Stable channel.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.18.6-gke.4801 is now available in the Rapid channel.
  • Version 1.18.6-gke.3504 is the new default version in the Rapid channel.
  • Version 1.17.9-gke.1503 is no longer available in the Rapid channel.
  • Version 1.18.6-gke.3503 is no longer available in the Rapid channel.
  • Auto-upgrading nodes and control planes upgrade from version 1.17 toversion 1.17.9-gke.1504 during this release.

September 14, 2020

Change

(R29.1) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

There is a known issue that prevents creatingRapid channel clusters on 1.18. To create a cluster on the Rapid channel,create a Rapid channel cluster on 1.17, and then manually upgrade to 1.18.

Security

A vulnerability was recently discovered in the Linux kernel, described inCVE-2020-14386,that may allow container escape to obtain root privileges on the host node. AllGKE nodes are affected. For more information, see theGCP-2020-012 security bulletin.

A fix is available in all versions included in this release.

September 08, 2020

Feature

TaintBasedEvictionsare generally available in GKE in 1.18 clusters.

Change

In GKE 1.18,Shielded Nodesare enabled by default for newly created clusters. Clusters upgrading to 1.18are unaffected by this change.

Shielded Nodes are only compatible with Container-Optimized OS and Ubuntuimages. If you are using a custom image or Windows images you should disableShielded Nodes.

Change

Kubernetes 1.18 available on GKE

Kubernetes 1.18 is now available in the Rapid channel. See theKubernetes 1.18 release notes.In particular, see theUrgent Upgrade Notes before upgrading to 1.18.

Issue

Cluster Autoscaler for GKE 1.18 could have problems with very large clusters orscale ups where there are over 5,000 nodes in the cluster or over 1,000 nodesbeing added at the same time. A fix is coming soon.

Change

GKE now allows clusters of up to 15,000 nodes when using GKE 1.18. To scale acluster beyond 5,000 nodes, you must contact support to raise your quota.

Issue

While the Kubernetes API does support the use of theingressClassName andingressClass resources, the Compute Engine ingress controller does not.

Change

GKE clusters in the ERROR state will be automatically deleted.

This change applies to all GKE versions.

September 03, 2020

Change

(R29) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.15.12-gke.17 is now available.
  • Version1.16.13-gke.400 is now available.
  • Auto-upgrading nodes upgrade from version 1.14 to version 1.15.12-gke.2during this release if they have not already done so.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.16.13-gke.1 is now available in the Stable channel.
  • Version 1.15.12-gke.9 is no longer available in the Stable channel.
Coming soon

Google Kubernetes Engine will begin gradually upgrading clusters in theStable channelto GKE 1.16 in an upcoming release. To read about API deprecations in 1.16,seeKubernetes 1.16 deprecated APIs.

Regular channel

There are no version changes in the Regular channel in this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

August 28, 2020

Announcement

We expect the following changes in the coming weeks. This information is not aguarantee, but is provided to help you plan for upcoming changes.

Google Kubernetes Engine will begin gradually upgrading clusters in theStable channelto GKE 1.16 in an upcoming release. To read about API deprecations in 1.16, seeKubernetes 1.16 deprecated APIs.

Feature

Master global access for private clustersis now generally available. With master global access, you can access themaster's private endpoint from any Google Cloud region or on-premisesenvironment no matter what the private cluster's region is.

August 27, 2020

Change

(R28) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Auto-upgrading nodes begin upgrading from version 1.14 to version1.15.12-gke.2 in this release. The auto-upgrades will continue graduallyover the course of several releases.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Auto-upgrading nodes in the Stable channel continue upgrading from version1.14 to 1.15.12-gke.2 during this release. All auto-upgrading nodes thathave not yet upgraded to 1.15.12-gke.2 will upgrade during the R28 rollout.

Regular channel

There are no version changes in the Regular channel in this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version 1.17.9-gke.1703 is no longer available.
Versions no longer available

The following versions are no longer available for new clusters or clusterupgrades:

August 21, 2020

Feature

Dataplane V2is now available in beta in newly created clusters using GKE versions1.17.9-gke.600 and later or 1.18 and later. SeeNew GKE Dataplane V2 increases security and visibility for containerson the Google Cloud Blog for more details.

Feature

Theinternal load balancer Servicetype is now generally available for GKE 1.17.9-gke.600 and later.

Feature

Global accessandconfigurable subnetsfor the internal load balancer Service are now generally available forGKE 1.17.9-gke.600 and later.

Feature

Network policy loggingis now available in beta. Network policy logging requires a cluster withDataplane V2.

Feature

OpenID Connect Discovery Documents are now published for all clusters, whichallows you to configure other software to understand the service account tokensissued by GKE clusters. For more information, see thegetOpenid-configurationandgetJwksin the API reference documentation.

Feature

Google canonical error codesare now available in beta. GKE operations now use thecanonical error modelto report errors.

Feature

The use ofprivate IP address ranges outside of the RFC 1918 ranges is now generallyavailable. These addresses can be used for master nodes, nodes, Pods, andServices.

Fixed

In some cases, certain networking kernel sysctls which were previously set tostatic defaults are now calculated dynamically based upon machine size. Thenetworking sysctls affected include:

  • net.ipv4.tcp_mem
  • net.ipv4.tcp_max_tw_buckets
  • net.ipv4.udp_mem
  • net.ipv4.tcp_max_orphans
  • net.ipv4.tcp_max_syn_backlog

The issue has been fixed in GKE 1.17 in versions 1.17.6-gke.7 and later and in1.16 in 1.16.13-gke.1 and later.

August 20, 2020

Change

(R27) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

  • Version1.18.6-gke.2100 is now available.

    This version is available in preview. Before creating GKE 1.18 clusters,youmust review theknown issues andurgent upgrade notes.

  • Version 1.16.11-gke.5 is no longer available.

  • Auto-upgrading nodes using versions 1.15.12-gke.3 or 1.15.12-gke.6 upgrade to 1.15.12-gke.9 with this release.

  • Auto-upgrading nodes using versions 1.16.9-gke.6 or 1.16.11-gke.5 upgrade to 1.16.13-gke.1 with this release.

Stable channel

There are no version changes in the Stable channel in this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.17.9-gke.1703 is now available in the Rapid channel.
  • Version1.17.9-gke.1503 is now available in the Rapid channel. This version is now the default.
  • Version 1.17.9-gke.600 is no longer available.

August 06, 2020

Change

(R26) Version updates

GKE cluster versions have been updated.

Scheduled automatic upgrades

Masters and nodes with auto-upgrade enabled will be upgraded:

Current versionUpgrade version
1.141.15.12-gke.2
1.15.12-gke.31.15.12-gke.9
1.15.12-gke.61.15.12-gke.9
1.16.9-gke.61.16.11-gke.5
1.16.10-gke.81.16.11-gke.5
1.17.8-gke.171.17.9-gke.600
Note: Clusters usingrelease channelsare auto-upgraded when new versions are available in their channel as noted inthe following sections.

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

There are no new releases in the Stable release channel.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
Versions no longer available

The following versions are no longer available for new clusters or cluster upgrades:

  • 1.15.12-gke.3
  • 1.15.12-gke.6
  • 1.16.9-gke.6
  • 1.16.10-gke.8
  • 1.17.6-gke.11
  • 1.17.6-gke.15

July 28, 2020

Change

GKE nodes now have the labelcloud.google.com/machine-family applied. Thevalue of this label is theCompute Engine instance family.

Change

Change default machine type to E2

GKE is changing the default machine type for new clusters and node pools fromn1-standard-1 toe2-medium. This change impacts new node pools created usingversions 1.17.6 and higher. If you do not specify a machine type during yourcluster or node pool creation workflow from node pool version 1.17.6 onwards,the newly provisioned clusters and node pools will default toe2-medium VMs.Note that this change does not impact your existing node pools that areauto-upgraded or manually upgraded to version 1.17.6 or higher.

E2 machine types do not support GPUs, local SSDs or sole tenancy. As such,you will receive an error message advising you to specify a compatible machinetype for your workloads if you:

  • Use node pool version 1.17.6+ to provision new worker nodes using thedefault machine type with either GPUs, local SSDs or Sole tenancy enabled(for example,gcloud container clusters create mycluster --accelerator type=nvidia-tesla-v100, count=2),or
  • Use scripts that provision GPUs or local SSDs and do not specify a specificmachine type. Furthermore, these scripts will not work until you specifyyour desired compatible machine type.

What do I need to do?

Use the following interface(s) of your choice to explicitly configure yourmachine type setting for newly provisioned machines to be anything other thanthe newe2-medium default:

Announcement

We expect the following changes in the coming weeks. This information is not aguarantee, but is provided to help you plan for upcoming changes.

  • In the next release (R26), GKE will begin to upgrade control planes inclusters not enrolled in a channel to 1.15. Upgrades will proceed graduallyover several GKE releases.
Change

(R25) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • GKE continues to upgrade control planes in clusters on the Stable channelto 1.15.12-gke.2. Upgrades will proceed gradually over several GKE releases.
  • GKE begins to upgrade nodes in clusters on the Stable channel to 1.15.12-gke.2. Upgrades will proceed gradually over several GKE releases.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.16.13-gke.1 is now available in the Regular channel.
  • Auto-upgrading nodes in the Regular channel automatically upgrade fromversion 1.16.9-gke.6 to version1.16.11-gke.5 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

  • Version1.17.9-gke.600 is now available in the Rapid channel.

  • Version1.17.8-gke.17 is now available in the Rapid channel. This version is now the default.

  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.17.7-gke.15 to version1.17.8-gke.17 with this release.

Versions no longer available

The following versions are no longer available for new clusters or cluster upgrades:

  • 1.17.7-gke.15

July 22, 2020

Change

(R24) Version updates

GKE cluster versions have been updated.

New default version

The default version for new clusters is now 1.15.12-gke.2 (previously 1.14.10-gke.36).

Scheduled automatic upgrades

Masters and nodes with auto-upgrade enabled will be upgraded:

Current versionUpgrade version
1.14.0 to 1.14.10-gke.411.14.10-gke.42
1.15.0 to 1.15.12-gke.11.15.12-gke.2
1.16.0 to 1.16.9-gke.51.16.9-gke.6
Note: Clusters usingrelease channelsare auto-upgraded when new versions are available in their channel as noted inthe following sections.

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • Version1.15.12-gke.9 is now available in the Stable channel.
  • Auto-upgrading nodes in the Stable channel automatically upgrade fromversion 1.14 to version1.15.12-gke.2 with this release.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

  • Version1.17.8-gke.17 is now available in the Rapid channel.

    This version includes node image upgrades for Ubuntu (ubuntu-gke-1804-1-17-v20200610)and Windows Server (windows-server-1909-dc-core-uefi-gke-v1592940889 andwindows-server-2019-dc-core-uefi-gke-v1592939281).

  • Version1.17.7-gke.15 is now available in the Rapid channel. This version is now the default.

  • Auto-upgrading nodes in the Rapid channel automatically upgrade fromversion 1.17.6-gke.11 to version1.17.7-gke.15 with this release.

Versions no longer available

The following versions are no longer available for new clusters or cluster upgrades:

  • 1.16.8-gke.15
  • 1.16.9-gke.2
  • 1.15.9-gke.24
  • 1.15.11-gke.15
  • 1.15.11-gke.17
  • 1.14.10-gke.36
  • 1.14.10-gke.37
  • 1.14.10-gke.40
  • 1.14.10-gke.41
Security

A privilege escalation vulnerability was recently discovered in Kubernetes. Thisvulnerability allows an attacker that has already compromised a node to executea command in any Pod in the cluster. For more information, see theGCP-2020-009 security bulletin.

Announcement

We expect the following changes in the coming weeks. This information is not aguarantee, but is provided to help you plan for upcoming changes.

  • In the next release (R25), GKE will begin to upgrade nodes in clusters ontheStable channel to 1.15.12-gke.2. Upgrades will proceed graduallyover several GKE releases.
  • In the next release (R25), GKE will begin to upgrade nodes in clusters ontheRegular channel to 1.16.11-gke.5. Upgrades will proceed graduallyover several GKE releases.
  • In the next release (R25), GKE will begin to upgrade nodes in 1.16 clustersnot on a release channel to 1.16.9-gke.5. Upgrades will proceed graduallyover several GKE releases.
  • GKE version 1.14 will be deprecated in R26.
Breaking

Starting September 1, 2020, we will automatically delete Google KubernetesEngine (GKE) clusters that have ERROR status.

What do I need to know?

GKE clusters might end up with ERROR status (red exclamation mark in the clusterstatus page) in rare cases when cluster creation or deletion operationencounters an unexpected error. Previously, such clusters remained in youraccounts and could have been partially usable. ERROR status clusters areexcluded from the GKE cluster management fee.

Starting September 1, 2020, we will begin blocking access to such ERROR statusclusters and deleting them automatically.

What do I need to do?

If you are relying on any of the clusters with ERROR status in your projects,stop using them by September 1, 2020.

July 17, 2020

Issue

If you have node pools withkubernetes.io ork8s.io labels and want toupgrade to 1.16, you must remove the labels before upgrading.

For more information on this change, see the KubernetesNode Restriction enhancement.

Feature

SSL Policies which allow policy-enforced TLS and cipher settings are availablein Beta for external Ingress and multi-cluster Ingress. Custom health checks,which allow users to declaratively customize parameters of the load balancerhealth check, are also now available for external, internal, and multi-clusterIngress. For feature support status and version compatibility seeIngress Features.

Feature

Customer Managed Encryption Keys (CMEK) are now generally available for GKE.CMEK for GKE lets you secure your node boot disks as well as attached persistentstorage by encrypting the data encryption keys that encrypt your data. To learnmore, seeUsing customer-managed encryption keys.

Feature

Up to 50 TCP/UDP ports are supported per internal TCP/UDP load balancer IP whendeploying throughGKE Services with shared IP addresses.This also permits multi-protocol TCP and UDP support for the same Service IP.Shared IP is now available in Beta for all existing GKE versions.

Feature

Container-native Ingress using Network Endpoint Groups (NEGs) is now default(with some exceptions) for new Services deployed in GKE 1.17.6-gke.7+ clusters.Thecloud.google.com/neg: '{"ingress": true}' annotation will be automaticallyapplied to any Services deployed in these clusters without any explicit actionfrom users to enable container-native Ingress.

Feature

The BackendConfig CRD is now GA in GKE 1.16-gke.3+ clusters which promotes mostBackendConfig features (IAP, timeouts, affinity, user-defined request headers,and so on) to GA across internal, external, and multi-cluster Ingress. SeeIngress Featuresfor detail on explicit version support.

Change

The Kubernetes Engine Monitoring feature has been renamed in the Google CloudConsole and documentation to Cloud Operations for GKE. No functional changeswere made with this change. Enabling Cloud Operations for GKE continues tocollect logs and metrics for your cluster and workloads as it did before.

July 13, 2020

Announcement

We expect the following changes in the coming weeks. This information is not aguarantee, but is provided to help you plan for upcoming changes.

  • In the next release (R24), GKE will begin to upgrade control planes inclusters on theStable channel to 1.15.12-gke.2. Upgrades will proceedgradually over several GKE releases.
  • In an upcoming release, GKE will begin to upgrade nodes in clusters on theStable channel to 1.15.12-gke.2. Upgrades will proceed gradually overseveral GKE releases.
Change

Beginning with this release, GKE releases also include a release number toreference changes. This release is R23 for 2020.

Note: The format of release numbers may change in the future.
Change

(R23) Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

  • Version1.16.11-gke.5 is now available in the Regular channel.

  • Auto-upgrading nodes in the Regular channel automatically upgrade fromversion 1.16.8-gke.15 to version1.16.9-gke.6 with this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
Fixed

A bug in gVisor has been fixed. Default gVisor node labels are now applied whenuser-specified labels.

July 02, 2020

Change

Starting with GKE 1.17.6,Vertical Pod Autoscaler recommendations are more fine-grained, starting from 1 mCPU and 1 MiB.

Feature

NodeLocal DNSCacheis now generally available.

Feature

GKE Node System Configurationis now beta. With this feature you can specify custom configurations for Kubeletand Kernel settings on your node pools.

June 29, 2020

Change

Node image changes

GKE 1.14

The COS image for GKE 1.14.10-gke.45 clusters iscos-73-11647-534-0.

GKE 1.15

The COS image for GKE 1.15.12-gke.6 clusters iscos-77-12371-251-0.

Change

Version updates

GKE cluster versions have been updated.

Scheduled automatic upgrades

Nodes with auto-upgrade enabled will be upgraded:

Current versionUpgrade version
1.15.x1.15.11-gke.15
Note: Clusters usingrelease channelsare auto-upgraded when new versions are available in their channel as noted inthe following sections.

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

June 24, 2020

Issue

There is a known that may cause multiple Pods on the same node to be allocatedwith the same IPv4 address leading to possible service disruption. We willautomatically upgrade your cluster master to the next available patch versionwhich will include a fix to the issue.

What do I need to know?

  • Ensure your cluster(s) are subscribed to arelease channel,or you havenode auto-upgradeenabled. If so, your cluster(s) will be automatically upgraded as describedbelow.
  • If you are experiencing any issues or do not want to use auto-upgrade youcan manually initiate an upgrade at your earliest convenience.

What do I need to do?

If you are experiencing issues and wish to update proactively:

  • Follow the steps in theManually upgrading a clusterpage to upgrade the cluster master.
  • Upgrade your node pool by applying the latest patch available for your nodeversion.
  • Consider usingsurge upgradefor your nodepool upgrade. Surge upgrade allows you to set the number ofadditional nodes to be created temporarily for the upgrade process which thedisruption to running workloads.
  • Use the following table to determine which patch version is applicable foryour cluster(s):
ChannelAction requiredUpgrade targetDate available
No channelUpgrade to the recommended patch version available1.15: Node pool
1.15.12-gke.3 or higher		June 23, 2020
1.16: Node pool
1.16.9-gke.6 or higher		June 30, 2020
RapidPatch will be applied automaticallyMaster and node pool 1.17.6.gke-4 or higherJune 16, 2020
RegularPatch will be applied automaticallyNode pool 1.16.9-gke.6 or higherJune 30, 2020
StableNo action is requiredPatch is not requiredN/A

June 23, 2020

Change

Node image changes

GKE 1.14

The COS image for GKE 1.14.10-gke-43 clusters and iscos-73-11647-459-0.

Change

Version updates

GKE cluster versions have been updated.

Scheduled automatic upgrades

Masters and nodes with auto-upgrade enabled will be upgraded:

Current versionUpgrade version
1.15.x1.15.11-gke.15
Note: Clusters usingrelease channelsare auto-upgraded when new versions are available in their channel as noted inthe following sections.

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

June 15, 2020

Feature

Node auto-repairis now enabled by default by the Google Kubernetes Engine API for new node pools.

June 08, 2020

Change

Node image changes

GKE 1.15

GKE release channels

The COS image for GKE clusters in the Rapid release channel is nowcos-81-12871-119-0.

Feature

Theregion asia-southeast2in Jakarta is now available.

Change

Version updates

GKE cluster versions have been updated.

Scheduled automatic upgrades

Note: Clusters usingrelease channelsare auto-upgraded when new versions are available in their channel as noted inthe following sections.

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

Versions no longer available
  • 1.15.11-gke.3
  • 1.15.11-gke.5
  • 1.15.11-gke.9
  • 1.15.11-gke.11
  • 1.15.11-gke.12

June 02, 2020

Issue

As part of ensuring better representation of available resources on the node fore2 burstable node types, GKE has decided toreduce the allocatable CPUresources available to schedule user workloads (known as thenode allocatable resources)one2-micro,e2-small, ande2-medium machine types.

What do I need to know?

Today,e2-micro,e2-small, ande2-medium have 1930 mCPU of allocatableresources for Kubernetes to schedule Pods on per node, and following this changeit will be 940m CPU. Kubernetes uses the node allocatable resources duringscheduling to decide how many Pods it should place on the node.If yourworkloads are currently requesting more CPU resources than what will beavailable after upgrading, they may become unscheduled after upgrade.

We are making this change in order to more accurately represent the resourcesavailable in these machine types. These machine types can temporarily burst to 2vCPUs, but this is not sustained.The underlying compute capabilities andresources are not changing, the machines retain the ability to temporarilyburst to 2 vCPU, this change only affects how many resources the Kubernetesscheduler considers when allocating Pods to nodes.

When your cluster isupgraded to 1.14.10-gke.42, 1.15.11-gke.18, 1.16.8-gke.17, or 1.17.5-gke.5 (whether you perform thismanuallyor you are automatically upgraded), your workloads may becomeunscheduled if there are not enough allocatable resources in the cluster.

What do I need to do?

Prior to upgrading your nodes to version 1.16.8-gke.17 and 1.17.5-gke.5 or later

Take a moment to review your Pod resource requests. To see the allocatedresources on your node, you can open Kubernetes Engine in theGoogle Cloud Console andselect your cluster. On theNodes tab for your cluster, the columnCPU requested shows the total CPU requests on the node.

Alternatively, from the command line:

  1. Runkubectl get nodes to get a list of node names.
  2. Runkubectl describe nodenode-name and look at theAllocated resources section. Under the columnRequests, find the row forcpu.

If you have nodes of typee2-micro,e2-small, ande2-medium wheremorethan 940mCPU is requested, Pods will be rescheduled onto other nodes afterupgrade. You must have enoughallocatable capacity on other nodes.

To ensure you have enough allocatable capacity, you can:

  • Enable auto-scaling on your node pool. Auto-scaling will automaticallyprovision the right number of nodes automatically, provided the Pod requestsdo not exceed that of the entire node
  • Increase the number of nodes in the cluster, or add larger node types ifyou have Pods that make CPU requests which exceed the capacity of existing nodes
  • Decrease theresource requests made by your workloads on these nodes so that they will still fit after theupgrade, by modifying the CPU resource requests of the PodSpec. Pods will beable to burst to the original CPU capacity for short periods as long asresource limits are not changed.

After you have upgraded your nodes to versions 1.14.10-gke.42, 1.15.11-gke.18,1.16.8-gke.17, or 1.17.5-gke.5 or later:

Review the status of your Pods by runningkubectl get pods.

If any are indicated asPending, it may indicate that there were not enoughresources available to schedule them.Follow the steps above to either addmore nodes, or reduce the CPU resource requests in the PodSpec.

June 01, 2020

Change

Node image changes

GKE 1.14: The Ubuntu image for GKE 1.14.10-gke.40 clusters isubuntu-gke-1804-1-14-v20200219.

Change

Version updates

GKE cluster versions have been updated.

Scheduled automatic upgrades
Note: Clusters usingrelease channelsare auto-upgraded when new versions are available in their channel as noted inthe following sections.

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

There are no new releases in the Stable release channel.

Regular channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

May 27, 2020

Issue

Due to a newly discovered issue, the following versions are no longer available:

  • 1.17.5-gke.6
  • 1.16.8-gke.17
  • 1.15.11-gke.14

May 19, 2020

Change

Version updates

GKE cluster versions have been updated.

Scheduled automatic upgrades

Nodes with auto-upgrade enabled will be upgraded:

Current versionUpgrade version
1.14.x1.14.10-gke.36
Note: Clusters usingrelease channelsare auto-upgraded when new versions are available in their channel as noted inthe following sections.

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

There are no new releases in the Stable release channel.

Regular channel

Existing clusters in the Regular release channel automatically upgrade toversion1.16.8-gke.15 in this release.

Rapid channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
Change

etcd version changes

  • In the Rapid release channel, all GKE clusters running 1.17.3-gke.3 and upwill have etcd upgraded to 3.4.7-0-gke.1. All new GKE clusters with1.17.3-gke.3 and up will be created with etcd 3.4.7-0-gke.1.
Change

Node image changes

GKE 1.17

The COS image for GKE 1.17 clusters is nowcos-81-12871-96-0.

Feature

Google Kubernetes Engine now supports the use ofnon-RFC 1918 private address ranges and the private reuse of public IP addressesin VPC-native clusters. For details and caveats about enabling these addresses,seeEnabling non-RFC 1918 reserved IP address ranges.

May 15, 2020

Feature

Container Threat Detectionis now available in Beta. Container Threat Detection can detect the most commoncontainer runtime attacks and alert you in Security Command Center andoptionally in Cloud Logging. Container Threat Detection includes severaldetection capabilities, an analysis tool, and an API.

Container Threat Detection currently supports the following versions on theRegular and Rapidchannels:

  • 1.15.9-gke.12 and higher
  • 1.16.5-gke.2 and higher
  • 1.17 and higher

In a future update, Container Threat Detection will support version 1.14 and theStable channel.

May 13, 2020

Change

Versions no longer available

  • 1.14.10-gke.27
  • 1.14.10-gke31
  • 1.14.10-gke.32
  • 1.14.10-gke.34
Change

Version updates

GKE cluster versions have been updated.

New default version

The default version for new clusters is now 1.14.10-gke.36.

Scheduled automatic upgrades

Masters with auto-upgrade enabled will be upgraded:

Current versionUpgrade version
1.14.10-gke.271.14.10-gke.36
New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
  • 1.15.11-gke.13 is now available.
  • 1.16.8-gke.15 is now generally available for new clusters. Existing clusters and nodeswill not automatically upgrade in this release.
Important

Before you migrate to GKE 1.16, youmust review:

Stable channel

Regular channel

  • 1.16.8-gke.15 is now generally available for new clusters. Existing clusters and nodeswill not automatically upgrade in this release.
Important

Before you migrate to GKE 1.16, youmust review:

Rapid channel

Change

Node image changes

GKE 1.16

The COS image for GKE 1.16 clusters is nowcos-77-12371-251-0.

GKE 1.17

The COS image for GKE 1.17 clusters is nowcos-81-12871-69-0.

Announcement

We expect the following changes in the coming weeks. This information is not aguarantee, but is provided to help you plan for upcoming changes.

Google Kubernetes Engine will gradually upgrade clusters in theRegular channelto GKE 1.16 beginning in an upcoming release. To read more about APIdeprecations in 1.16, seeKubernetes 1.16 deprecated APIs.

May 08, 2020

Feature

Specifying a VPC subnetfor internal Load Balancer Service IPs is now supported as a per-Serviceannotation in GKE clusters 1.16.8-gke.10+ and 1.17+.

May 04, 2020

Change

Node image changes

GKE 1.16

GKE 1.17

The COS image for GKE 1.17 clusters is nowcos-81-12871-69-0.

Change

etcd default version changes

  • The default etcd version for new GKE 1.13 and 1.14 clusters is etcd 3.2.27-0-gke.6
  • The default etcd version for new GKE 1.15 and 1.16 clusters is etcd 3.3.18-0-gke.4
  • The default etcd version for new GKE 1.17 and higher clusters is etcd 3.4.7-0-gke.1

Autoupgrades in existing clusters will occur at a later date.

Announcement

We expect the following changes in the coming weeks. This information is not aguarantee, but is provided to help you plan for upcoming changes.

Google Kubernetes Engine will gradually upgrade clusters in theregular channelto GKE 1.16 beginning in an upcoming release. Read more about API deprecationsin 1.16, seeKubernetes 1.16 deprecated APIs.

Change

Version updates

GKE cluster versions have been updated.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.

Stable channel

There are no new releases in the Stable release channel.

Regular channel

There are no new releases in the Regular release channel.

Rapid channel

There are no new releases in the Rapid release channel.

April 29, 2020

Feature

Multi-cluster Ingressis now Generally Available (GA) for all GKE versions 1.14 and up. Multi-clusterIngress provides a Kubernetes-native interface to deploy Ingress resources forinternet traffic across multiple clusters and multiple regions.

Ingress is helpful for use cases including:

  • A global and stable anycast VIP, independent of cluster backends.
  • Multi-regional and multi-cluster high availability.
  • Low latency serving of traffic to the closest cluster.
  • Intelligent and safe traffic management across many clusters.

April 27, 2020

Change

Versions no longer available

  • 1.15.9-gke.24
  • 1.15.9-gke.26
  • 1.15.11-gke.1
Deprecated

RBAC in theapps/v1alpha1 andapps/v1beta1 API versions are deprecated in1.17 and will no longer be served in 1.20. Update your manifests and API clientsto use therbac.authorization.k8s.io/v1 APIs before 1.20 to avoid any issues.

Change

To improve the safety of upgrades and reduce disruption, all new node pools havesurge upgrades turned on by default with the configuration:maxSurge=1maxUnavailable=0. For more information, seeDetermining your optimal surge configuration.

GKE is also gradually reconfiguring existing node pools to use surge upgradeswith the same configuration. Node pools that already haveupgrade_settingsdefined remain unaffected.

Feature

The RuntimeClass scheduler in 1.17 simplifiesscheduling Windows Pods to appropriate nodes

Announcement

Google Kubernetes Engine will gradually upgrade clusters in theregular channelto GKE 1.16.

Deprecated

The following node labels are deprecated in 1.17:

Cluster VersionsDeprecated LabelNew Label
1.14+beta.kubernetes.io/oskubernetes.io/os
1.14+beta.kubernetes.io/archkubernetes.io/arch
1.17+beta.kubernetes.io/instance-typenode.kubernetes.io/instance-type
1.17+failure-domain.beta.kubernetes.io/zonetopology.kubernetes.io/zone
1.17+failure-domain.beta.kubernetes.io/regiontopology.kubernetes.io/region

You must identify any node selectors using beta labels and modify them to use GA labels.

Change

1.17 Changes

The following notable changes are coming in 1.17:

Issue

Known issues with 1.15 and higher

A known kernel bug in Linux kernel 4.18, 4.19, 4.20 and 5.0 may cause softlockupwhen running eBPF workloads. This may affect nodes with GKE version 1.15 orhigher using cos-77-*, and GKE version 1.15 using Ubuntu. Before the fix isreleased, please avoid upgrading nodes to these affected versions if you runeBPF workloads.

Feature

TheRunAsUsernamefeature in 1.17 is now beta and allows specifying the username when running aWindows container.

Change

Version updates

GKE cluster versions have been updated.

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Stable channel

There are no new releases in the Stable release channel.

Regular channel

There are no new releases in the Regular release channel.

Rapid channel

Upgrading

Although clusters in the Rapid channel upgrade automatically, you should stillreview:

April 24, 2020

Issue

A known kernel bug in Linux kernel 4.18, 4.19, 4.20 and 5.0 may cause softlockupwhen running eBPF workloads. This may affect nodes with GKE version 1.15 orhigher using cos-77-*, and GKE version 1.15 using Ubuntu. Before the fix isreleased, please avoid upgrading nodes to these affected versions if you runeBPF workloads.

Feature

Master global access for private clustersis now available in beta. With master global access, you can access the master'sprivate endpoint from any Google Cloud region or on-premises environment nomatter what the private cluster's region is.

Feature

The ability to create new GKE clusters or update existing GKE clusters with nodepools runningWindows Serveris now generally available.

April 20, 2020

Feature

Theregion us-west4 inLas Vegas is now available.

April 15, 2020

Announcement

Google Kubernetes Engine will gradually upgrade clusters in theregular channelto GKE 1.16.

Change
Note: This release note has been updated since it was originally published.TheComing soon has been amended to reflect that GKEhas not yet started upgrading clusters in theregular channelto GKE 1.16 as previously stated. Additional information has also been added toexplain the issue that 1.15.11-gke.9 fixed.
Change

Version updates

GKE cluster versions have been updated.

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

  • 1.14.10-gke.36 is now available.
  • 1.15.11-gke.9 is now available. This version updates Calico to 3.8.7. This version fixesan issue where Calico Pods would fail to initialize after restarting.The issue occurred because the Calico CNI script tried to overwrite a filewhich was referenced by Kubelet at the same time. For more information onthe fix, see theopen source documentation.
  • 1.17.4-gke.6 is now available inalpha clusters.

Stable channel

There are no new releases in the Stable release channel.

Regular channel

There are no new releases in the Regular release channel.

Rapid channel

April 10, 2020

Feature

Ingress access loggingis now a configurable feature calledlogging in versions 1.16.8-gke.10 andlater. This allows Ingress access logging to be toggled on or off through theBackendConfig resource.

Deprecated

HTTP access logging for newly created Ingress resources is being deprecatedacross various GKE versions on May 12th, 2020. Any new Ingress resources createdwith the following versions after May 12th will have access logging disabled forthat Ingress resource and will not record Ingress HTTP requests in CloudLogging. Note that existing Ingress resources will continue to log HTTP requestsunless the Ingress resource is redeployed. The following GKE versions areaffected:

  • 1.12
  • 1.13
  • 1.14 clusters less than 1.14.10-gke.30
  • 1.15 clusters less than 1.15.9-gke.22
  • 1.16 clusters less than 1.16.6-gke.12

Clusters whose masters are on 1.14.10-gke.30, 1.15.9-gke.22, 1.16.6-gke.12 orlater versions are not impacted and HTTP access logging remains defaulted to"on" for all new and existing Ingress resources. If you're currently usingaccess logging for GKE Ingress, we highly recommend upgrading to these versionsor higher before May 12th to avoid loss of HTTP access logs for new Ingressresources.

In GKE 1.18, access logging will be changed to default to "off" for the GKEIngress.Enabling access loggingthrough thelogging parameter is required to enable it for Ingress resources.

Announcement

Google Kubernetes Engine will gradually upgrade clusters in theregular channelto GKE 1.16 beginning on or after April 13, 2020.

April 07, 2020

Change

Version updates

GKE cluster versions have been updated.

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Stable channel

There are no new releases in the Stable release channel.

Regular channel

There are no new releases in the Regular release channel.

Rapid channel

Issue

Due to the recent Windows Serversecurity update provided by Microsoft in February 2020, acontainer incompatibility issue was introduced. To avoid disruption to your workloads, we have turned offGoogle Kubernetes Engine (GKE) auto-upgrade for the impacted clusters.

What do I need to know?

As a consequence of Microsoft's security update, your workloads may end up in afailed state due to broken compatibility if the host Windows Server image hasthe security update and the container base image does not have the update.

We have turned off auto-upgrade on the impacted GKE clusters to prevent thiscompatibility issue from affecting your workloads.

The security update will be available in the rapid channel in GKE starting April6, 2020. Beginning April 20, 2020, Windows Server container support in GKE,along with the security update will be available on the regular channel.

What do I need to do?

We strongly recommend you torebuild your container images with thebase Windows images that include Windows Updates from March 2020, then manually upgrade your nodepool to the latest GKE version. Please follow the following steps:

  1. Disable auto-upgradeon the Windows node pool(s).
  2. When the first step is complete,Google will restart the clusterauto-upgrade. Please note that this could take a few days. The cluster'smaster and the Linux node pool(s) will be upgraded. The Windows node poolwill not get upgraded as auto-upgrade is disabled in step number one.
  3. After the cluster master upgrade is complete and you have rebuilt yourcontainer images,manually upgrade your Windows node pool.
  4. After completing step number three, you can turn back on the auto-upgradeoption. If you choose to turn the auto-upgrade option back on, please usemulti-arch(or multi-platform) images to take advantage of the auto-upgrade feature.

Incompatibility issues such as this one are a rare occurrence as it is againstMicrosoft's typical guidance for the security updates. Rest assured that if suchissues occur again, we will keep you posted. Please stay up to date withGKE's release notesfor the latest info.

If you have any questions or require assistance,pleaseemail usor contactGoogle Cloud Support.

April 01, 2020

Security

A vulnerability was recently discovered in Kubernetes that allows any userauthorized to make POST requests to execute a remote Denial-of-Service attack ona Kubernetes API server. For more information, see theGCP-2020-003 security bulletin.

Change

Version updates

GKE cluster versions have been updated.

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
Scheduled automatic upgrades

Masters and nodes with auto-upgrade enabled will be upgraded:

Current versionUpgrade version
1.15.9-gke.221.15.9-gke.24
Note: Clusters usingrelease channelsare auto-upgraded when new versions are available in their channel as noted inthe following sections.

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Stable channel

There are no new releases in the Stable release channel.

Regular channel

Rapid channel

Versions no longer available
  • 1.15.9-gke.22

March 26, 2020

Change

Version updates

GKE cluster versions have been updated.

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
New default version

The default version for new clusters is now 1.14.10-gke.27.

Scheduled automatic upgrades

Masters and nodes with auto-upgrade enabled will be upgraded:

Current versionUpgrade version
1.14.0 to 1.14.10-gke.261.14.10-gke.27
1.15.0 to 1.15.9-gke.211.15.9-gke.22
Note: Clusters usingrelease channelsare auto-upgraded when new versions are available in their channel as noted inthe following sections.

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Stable channel

Regular channel

There are no new releases in the Regular release channel.

Rapid channel

Versions no longer available
  • 1.14.10-gke.17
  • 1.14.10-gke.21
  • 1.14.10-gke.22
  • 1.14.10-gke.24
  • 1.15.8-gke.3
  • 1.15.9-gke.12

March 23, 2020

Change

You can no longer apply the labels ofkubernetes.io ork8s.io to node pools.Existing node pools with these labels aren't affected. For more information onthis change, see the KubernetesNodeRestriction enhancement.

March 20, 2020

Change

Version updates

GKE cluster versions have been updated.

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
Scheduled automatic upgrades

Masters and nodes with auto-upgrade enabled will be upgraded:

Current versionUpgrade version
1.13.0 to 1.13.12-gke.251.14.10-gke.17
Note: Clusters usingrelease channelsare auto-upgraded when new versions are available in their channel as noted inthe following sections.

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Stable channel

There are no new releases in the Stable release channel.

Regular channel

There are no new releases in the Regular release channel.

Rapid channel

Versions no longer available
  • 1.15.9-gke.8
  • 1.15.9-gke.9

March 16, 2020

Fixed

Theissue reported February 14with private clusters withVPC peering reuseenabled has been resolved.

Feature

Workload Identityis now generally available in versions 1.14.10-gke.27 andabove, 1.15.9-gke.22 and above, and 1.16.6-gke.12 and above. Workload Identityis the recommended way to access Google Cloud services from within GKE clusters.

Feature

Enabling TPUs on existing clustersis now in Beta. With this feature you can toggle Cloud TPU support instead ofcreating new clusters and migrating your workloads.

Change

Version updates

GKE cluster versions have been updated.

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
New default version

The default version for new clusters is now 1.14.10-gke.24

Scheduled automatic upgrades

Masters and nodes with auto-upgrade enabled will be upgraded:

Current versionUpgrade version
1.13.12 or lower1.14.10-gke.17
Note: Clusters usingrelease channelsare auto-upgraded when new versions are available in their channel as noted inthe following sections.

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

Stable channel

Regular channel

Rapid channel

Versions no longer available

The following version is no longer available to create a new cluster:

  • 1.13.12-gke.30
Feature

You can now usenode auto-provisioningto create node pools with preemptible VMs from clusters running in the Regularrelease channel.

March 06, 2020

Change
Feature

The user interface for creating clusters inGoogle Cloud Consolehas been redesigned. The new design makes it easier to follow GKE best practices.

Deprecated

The 1.16 release stops serving the following API versions in favor of newer andmore stable API versions:

  • NetworkPolicy in theextensions/v1beta1 API version, deprecated since1.9, is no longer served. Migrate to thenetworking.k8s.io/v1 API version,available since 1.8.
  • PodSecurityPolicy in theextensions/v1beta1 API version, deprecated since 1.10, is no longer served. Migrate to thepolicy/v1beta1 API version, available since 1.10.
  • DaemonSet in theextensions/v1beta1,apps/v1beta1, andapps/v1beta2API versions, deprecated since 1.9, is no longer served. Migrate to theapps/v1 API version, available since 1.9. Notable changes:
    • spec.templateGeneration is removed.
    • spec.selector is now required and immutable after creation; use theexisting template labels as the selector for seamless upgrades.
    • spec.updateStrategy.type now defaults to RollingUpdate.
  • Deployment in theextensions/v1beta1,apps/v1beta1, andapps/v1beta2API versions, deprecated since 1.9, is no longer served. Migrate to theapps/v1 API version, available since 1.9. Notable changes:
    • spec.rollbackTo is removed.
    • spec.selector is now required and immutable after creation; use theexisting template labels as the selector for seamless upgrades.
    • spec.progressDeadlineSeconds now defaults to 600 seconds.
    • spec.revisionHistoryLimit now defaults to 10.
    • maxSurge and maxUnavailable now default to 25%.
  • StatefulSet in theapps/v1beta1 andapps/v1beta2 API versions,deprecated since 1.9, is no longer served. Migrate to theapps/v1 API version,available since 1.9. Notable changes:
    • spec.selector is now required and immutable after creation; use theexisting template labels as the selector for seamless upgrades.
    • spec.updateStrategy.type now defaults to RollingUpdate.
  • ReplicaSet in theextensions/v1beta1,apps/v1beta1, andapps/v1beta2API versions, deprecated since 1.9, is no longer served. Migrate to theapps/v1API version, available since 1.9. Notable changes:
    • spec.selector is now required and immutable after creation; use theexisting template labels as the selector for seamless upgrades.
Feature

You can now configure automated deployment for yourexisting GKE workloadswith Cloud Build.

Announcement

1.16 will be moving to the Regular channel.

February 27, 2020

Feature

Ingress for Anthosis now Beta for GKE versions 1.14.x+ and in the Rapid and Regular releasechannels. Ingress for Anthos supports Internet-facing Ingress shared acrossmultiple backend GKE clusters and multiple Google Cloud regions. Ingress can nowsupportuse cases such as multi-regional and multi-cluster availability, low backend touser latency, and seamless cluster migrations.

Feature

Container-native load balancing with standalone network endpoint groups (NEGs)is generally available. You can use Standalone NEGs to create load balancers forseveral use casesincluding backends composed of Kubernetes and non-Kubernetes workloads.

February 25, 2020

Change

Version updates

GKE cluster versions have been updated.

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
Scheduled automatic upgrades

Masters and nodes with auto-upgrade enabled will be upgraded:

Current versionUpgrade version
1.13.12-gke.251.14.10-gke.17
1.14.81.14.10-gke.17

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

No channel

v.1.13.x
  • There are no new 1.13 versions this week.
v.1.14.x
  • 1.14.10-gke.17
v.1.15.x
  • 1.15.9-gke.12

Stable channel

  • There are no new versions in the Stable channel this week.

Regular channel

  • 1.15.8-gke.3

Rapid channel

  • 1.16.6-gke.4
Versions no longer available

The following versions are no longer available for new clusters or upgrades.

  • 1.13.12-gke.25
  • 1.14.8-gke.33
Deprecated

The v1.16 release stops serving the following API versions in favor of newer andmore stable API versions:

  • NetworkPolicy in theextensions/v1beta1 API version, deprecated since1.9, is no longer served. Migrate to thenetworking.k8s.io/v1 API version,available since 1.8.
  • PodSecurityPolicy in theextensions/v1beta1 API version, deprecatedsince 1.10, is no longer served. Migrate to thepolicy/v1beta1 API version,available since 1.10.
  • DaemonSet in theextensions/v1beta1,apps/v1beta1, andapps/v1beta2API versions, deprecated since 1.9, is no longer served. Migrate to theapps/v1 API version, available since 1.9. Notable changes:
    • spec.templateGeneration is removed.
    • spec.selector is now required and immutable after creation; use theexisting template labels as the selector for seamless upgrades.
    • spec.updateStrategy.type now defaults to RollingUpdate.
  • Deployment in theextensions/v1beta1,apps/v1beta1, andapps/v1beta2API versions, deprecated since 1.9, is no longer served. Migrate to theapps/v1 API version, available since 1.9. Notable changes:
    • spec.rollbackTo is removed.
    • spec.selector is now required and immutable after creation; use theexisting template labels as the selector for seamless upgrades.
    • spec.progressDeadlineSeconds now defaults to 600 seconds.
    • spec.revisionHistoryLimit now defaults to 10.
    • maxSurge and maxUnavailable now default to 25%.
  • StatefulSet in theapps/v1beta1 andapps/v1beta2 API versions,deprecated since 1.9, is no longer served. Migrate to theapps/v1 API version,available since 1.9. Notable changes:
    • spec.selector is now required and immutable after creation; use theexisting template labels as the selector for seamless upgrades.
    • spec.updateStrategy.type now defaults to RollingUpdate.
  • ReplicaSet in theextensions/v1beta1,apps/v1beta1, andapps/v1beta2API versions, deprecated since 1.9, is no longer served. Migrate to theapps/v1 API version, available since 1.9. Notable changes:
    • spec.selector is now required and immutable after creation; use theexisting template labels as the selector for seamless upgrades.

February 24, 2020

Feature

Ingress for Internal HTTP(S) Load Balancingis now available in Beta in the Rapid release channel. This enables private L7load balancing inside the VPC that can be deployed with Ingress resources.

Feature

The ability touse the Google Cloud Compute Engine Persistent Disk CSI driver in GKEis now in Beta. This feature provides a simple mechanism for users to enable thedriver in GKE.

Feature

Theregion us-west3 inSalt Lake City is now available.

February 21, 2020

Breaking

Starting February 24, 2020, GKE will gradually enableNode Auto Upgradeon all nodepools running on version 1.10.x and older to ensurereliability and supportabilityof these clusters.

February 18, 2020

Change

Node image for Container-Optimized OS updated tocos-77-12371-141-0.

Feature

The--node-locationsflag is now generally available. This flag enables you to specify zones for yournode pools independently of setting the zone for a cluster.

February 14, 2020

Issue

Private clusters created on and after January 15, 2020 that useVPC peering reuse might experience an issue where VPC peering is removed after attempting to reschedule a cluster for deletion after the first attempt fails.

To mitigate this issue, create a private cluster in the same location as yourexisting private clusters. Creating a new cluster recreates the required VPCpeering. You can delete the new cluster after VPC peering is recreated.

February 11, 2020

Change

Version updates

GKE cluster versions have been updated.

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
New default version

The default version for new clusters is now 1.14.10-gke.17.

Scheduled automatic upgrades

Masters and nodes with auto-upgrade enabled will be upgraded:

Current versionUpgrade version
1.13.x1.13.12-gke.25

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

No channel

v.1.13.x
  • 1.13.12-gke.25
v.1.14.x
  • 1.14.10-gke.17
v.1.15.x
  • 1.15.9-gke.8

Stable channel

  • 1.14.10-gke.17

Regular channel

  • 1.15.7-gke.23

Rapid channel

  • 1.16.4-gke.30
Versions no longer available

The following versions are no longer available for new clusters or upgrades.

  • 1.13.11-gke.14
  • 1.13.11-gke.15
  • 1.13.11-gke.23 (moved to LEGACY version)
  • 1.13.12-gke.8
  • 1.13.12-gke.13
  • 1.13.12-gke.14
  • 1.13.12-gke.16
  • 1.13.12-gke.17
Feature

Surge upgradesare generally available. Surge upgrades allow you to configure speed anddisruption of node upgrades.

February 04, 2020

Change

All GKE clusters running 1.15 and up will have etcd upgraded toetcd 3.3.18-0-gke.1, and all new GKE clusters with 1.15 and up will becreated withetcd 3.3.18-0-gke.1.

Feature

Autoscaling profilesfor GKE are now available in Beta. Autoscaling profiles let you choose whetherthe cluster autoscaler should optimize for resource utilization or resourceavailability when deciding to remove nodes from a cluster.

January 29, 2020

Feature

Config Syncis now generally available. Config Sync allows you to manage Kubernetesdeployments using files stored in a Git repository.

Feature

GKE Sandboxis now generally available. GKE Sandbox protects the host kernel on your nodeswhen containers in the Pod execute unknown or untrusted code.

Feature

Config Connector isnow generally available. Config Connector is a GKE addon that allows you tomanage your Google Cloud resources through Kubernetes configuration.

Change

Version updates

GKE cluster versions have been updated.

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
Scheduled automatic upgrades

Masters and nodes with auto-upgrade enabled will be upgraded:

Current versionUpgrade version
1.12.x1.13.12-gke.13
1.14.0.x to 1.14.8-gke.321.14.8-gke.33
1.14.9.x to 1.14.9-gke.221.14.9-gke.23
1.14.10.x to 1.14.10-gke.161.14.10-gke.17

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

v.1.13.x
  • There are no new 1.13 versions this week.
v.1.14.x
  • There are no new 1.14 versions this week.
v.1.15.x
  • 1.15.8-gke.2

Stable channel

  • There are no new versions in the Stable channel this week.

Regular channel

  • There are no new versions in the Regular channel this week.

Rapid channel

  • 1.16.4-gke.25
Versions no longer available

The following version is no longer available for new clusters or upgrades.

  • 1.14.7-gke.40

January 27, 2020

Feature

The ability tocreate clusters with node pools running Microsoft Windows Serveris now in Beta. This feature is currently only available in the Rapid releasechannel.

January 24, 2020

Feature

Theregion asia-northeast3in Seoul is now available.

Fixed

This issue was resolved January 27, 2020.

Do not create a cluster with versions 1.15.7-gke.23, 1.14.10-gke.17, or1.14.9-gke.23 if you depend on Workload Identity. Workload Identity is notworking for newly created clusters in these versions due to arecently-discovered issue. Clusters upgraded to one of these versions are notaffected. A fix will be released in the next GKE release. As workaround, you cancreate a cluster at a lower version, then upgrade.

January 22, 2020

Feature

Application Deliveryis now in Beta. This feature manages configurations for your GKE workloadsdeclaratively with Git. For more information, seeApplication Delivery.

Feature

Object Browser isnow available to inspect resources on GKE clusters in Google Cloud Console. Formore information, go toDashboards.

Feature

NodeLocal DNSCacheis now in Beta for GKE clusters 1.15 and above. NodeLocal DNS is an optionalfeature for local DNS resolution to every GKE node for enhanced DNS scale and capacity.

Change

Version updates

GKE cluster versions have been updated.

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
New default version

The default version for new clusters is now 1.13.11-gke.23.

Scheduled automatic upgrades

Masters and nodes with auto-upgrade enabled will be upgraded:

Current versionUpgrade version
1.12.x1.13.12-gke.13
1.15.x1.15.7-gke.23

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

v.1.13.x
  • 1.13.11-gke.23
  • 1.13.12-gke.25
v.1.14.x
  • 1.14.7-gke.40
  • 1.14.8-gke.33
  • 1.14.9-gke.23
  • 1.14.10-gke.17
v.1.15.x
  • 1.15.7-gke.23

Stable channel and 1.13.x

Stable channel

  • 1.13.11-gke.23

No channel

  • 1.13.11-gke.13
  • 1.13.12-gke.25

Regular channel and 1.14.x

Regular channel

  • 1.14.8-gke.33

No channel

  • 1.14.7-gke.40
  • 1.14.8-gke.33
  • 1.14.9-gke.23
  • 1.14.10-gke.17

Rapid channel and 1.16.x

Rapid channel

  • 1.16.4-gke.22
Versions no longer available

The following versions are no longer available for new clusters or upgrades.

  • 1.14.7-gke.23
  • 1.14.7-gke.25
  • 1.14.8-gke.12
  • 1.14.8-gke.14
  • 1.14.8-gke.17
  • 1.14.8-gke.18
  • 1.14.8-gke.21
  • 1.14.9-gke.2
  • 1.14.10-gke.0
  • 1.15.4-gke.22
  • 1.15.7-gke.2
  • 1.16.0-gke.11 (preview)
  • 1.16.0-gke.20 (preview)
  • 1.16.4-gke.3 (preview)
Change

All private clusters you create nowreuse VPC Network Peering connections.

Change

Node image changes

The COS kernel previously reported on November 22nd, 2019, was discovered tocause kernel panics in certain workloads. The 1.13 and 1.14 versions availablein this release were rolled back to a known stable version of COS. GKE 1.13 and1.14 will continue to use cos-u-73-11647-293-0 while our team works to develop apermanent fix.

January 08, 2020

Issue

Do not update to version 1.16.0-gke.20 if you depend on HPA.Horizontal Pod Autoscaling is not working in this version due to a recentlydiscovered issue. A fix will be released with GKE 1.16.3+.

January 07, 2020

Change

New clusters and node-pools created with the GKE API will have node auto-upgradeenabled by default. This change ensures that your clusters have the most recentdefault Kubernetes version, bug fixes, and security patches. Existing scriptsrunning against the gcloud CLI or integrating with the GKE API will follow thisnew default behavior.

Node autoupgrades keep the nodes in your cluster up to date with the clustermaster version when your master is updated on your behalf. To disable itexplicitly, setautoUpgrade to false in theNodeManagementobject.

Change

Version updates

GKE cluster versions have been updated.

Note: Your clusters might not have these versions available. Rollouts begin onthe day of the note and take four or more business days to be completed acrossall Google Cloud zones.
New default version

The default version for new clusters is now 1.14.8-gke.12 (previously 1.13.11-gke.14).

Scheduled automatic upgrades

Masters and nodes with auto-upgrade enabled will be upgraded:

Current versionUpgrade version
1.12.x1.13.12-gke.13

Rollouts are phased across multiple weeks, to ensure cluster and fleet stability.

New versions available for upgrades and new clusters

The following Kubernetes versions are now available for new clusters and foropt-in control plane upgrades and node upgrades for existing clusters. For moreinformation on the Kubernetes versioning scheme, seeVersioning.

No channel

v.1.13.x
  • 1.13.12-gke.17
v.1.14.x
  • 1.14.10-gke.0
v.1.15.x
  • 1.15.7-gke.2

Stable channel and 1.13.x

Stable channel

There are no changes to the Stable channel this week.

No channel

  • 1.13.12-gke.17

Regular channel and 1.14.x

Regular channel

There are no changes to the Regular channel this week.

No channel

  • 1.14.10-gke.0

Rapid channel and 1.16.x

Rapid channel

There are no changes to the Rapid channel this week.

Versions no longer available

The following versions are no longer available for new clusters or upgrades.

  • 1.12.10-gke.17
  • 1.12.10-gke.20
  • 1.12.10-gke.22
Feature

Consuming reservations in GKE is now generally available. Reservations allow you to reserve resources in a specific zone to ensure sufficient capacity is available for your workloads.

Feature

You can now useCustomer-managed encryption keys (beta) to control the encryption used for node boot disks as well as attached persistent disks in your clusters.

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2026-02-20 UTC.