Kubernetes 1.35: The Great Filter
This isn't a feature release. It's a cleanup. Kubernetes 1.35 finally removes the legacy debt (cgroup v1, IPVS) that has been holding platforms back.
I call Kubernetes 1.35 "The Great Filter."
Usually, a Kubernetes release is about what you get. This release is about what you lose.
The maintainers have finally pulled the plug on technical debt that has been lingering for a decade. If you are running a modern, well-maintained platform, you won't notice a thing. But if you are nursing old CentOS 7 nodes or relying on legacy networking hacks, this release will break your cluster. (This is why Platform Engineering is a full-time job).
Here is the damage report.
1. Cgroup v1 is Dead. Truly.
We knew it was coming. It's been deprecated forever. But in 1.35, the kubelet will simply refuse to start if it detects cgroup v1.
The Impact:
- If you are running older Linux distributions (Amazon Linux 2, CentOS 7, older Ubuntu), you cannot upgrade to 1.35.
- Java applications that rely on old JDK versions might struggle to read memory limits correctly on cgroup v2.
The Fix: You don't patch this. You replace your nodes. Move to a modern OS (Amazon Linux 2023, Bottlerocket, Ubuntu 22.04+) immediately.
2. IPVS is Gone
For years, we used kube-proxy in IPVS mode because iptables was too slow at scale. But IPVS involved complex kernel module management and was a nightmare to debug.
Kubernetes 1.35 deprecates it aggressively. The community is pushing everyone toward nftables or bypassing kube-proxy entirely with eBPF (Cilium, Calico).
My Advice: Don't try to migrate to nftables unless you love pain. Just switch to Cilium (or a similar eBPF CNI) and replace kube-proxy entirely. It’s 2026; you shouldn't be managing iptables rules.
3. The "AI" Stuff is Actually Good
It’s not all doom and gloom. 1.35 introduces Dynamic Resource Allocation (DRA) for real this time.
Previously, if you wanted to attach a GPU to a pod, it was a hacky process. With DRA, resource drivers are first-class citizens. You can request "A slice of an A100" or "Any GPU with at least 24GB VRAM," and the scheduler actually understands it.
If you are building an AI platform, this is the feature that makes Kubernetes viable against Slurm.
4. In-Place Pod Resize (Finally GA)
This is the sleeper hit. You can now change CPU/Memory resources on a running pod without restarting it.
Why this is huge for Java apps:
- Java apps hate restarts (cold starts kill performance).
- Now, a Vertical Pod Autoscaler (VPA) can nudge the memory up during a traffic spike without killing the JVM.
The Verdict
Kubernetes 1.35 is a maturity test.
- Failing Grade: You spend 3 months fighting cgroup v1 migrations and fixing custom hacking scripts.
- Passing Grade: You update your node groups to the latest OS, flip a Terraform flag to update the control plane, and go get coffee.
Which one are you going to be?
Stuck on an old version? Contact us at Coding Protocols. We specialize in "un-breaking" legacy Kubernetes clusters.
