Review release notes for Kubernetes versions on standard support

In-Place Pod Resource Resize (Beta): In-place resource resize has been promoted to beta, allowing dynamic updates to CPU and memory resources for existing Pods without restarts - enabling vertical scaling of stateful workloads with zero downtime and seamless resource adjustments based on traffic patterns.

Sidecar Containers Now Stable: Sidecar containers have graduated to stable, implementing sidecars as special init containers with restartPolicy: Always that start before application containers, run throughout the pod lifecycle, and support probes for operational state signaling.

Endpoints API Deprecation: The Endpoints API is now officially deprecated and will return warnings when accessed - migrate workloads and scripts to use the EndpointSlices API instead, which supports modern features like dual-stack networking and handles multiple EndpointSlices per Service.

Elastic Fabric Adapter Support: The default security group for Amazon EKS clusters now supports Elastic Fabric Adapter (EFA) traffic. The default security group has a new outbound rule that allows EFA traffic with the destination of the same security group. This allows EFA traffic within the cluster.

The Memory Manager feature has graduated to Generally Available (GA) status in Kubernetes version 1.32. This enhancement provides more efficient and predictable memory allocation for containerized applications, particularly beneficial for workloads with specific memory requirements.

PersistentVolumeClaims (PVCs) created by StatefulSets now include automatic cleanup functionality. When PVCs are no longer needed, they will be automatically deleted while maintaining data persistence during StatefulSet updates and node maintenance operations. This feature simplifies storage management and helps prevent orphaned PVCs in your cluster.

Custom Resource Field Selector functionality has been introduced, allowing developers to add field selectors to custom resources. This feature provides the same filtering capabilities available for built-in Kubernetes objects to custom resources, enabling more precise and efficient resource filtering and promoting better API design practices.

/healthz

/livez

/readyz

Migrate from EKS Managed Node Groups to EKS Auto Mode

Upgrade from Amazon Linux 2 to Amazon Linux 2023

Create nodes with optimized Bottlerocket AMIs

The beta VolumeAttributesClass feature gate and API resource is enabled in Amazon EKS version 1.31. This feature allows cluster operators to modify mutable properties of Persistent Volumes (PVs) managed by compatible CSI Drivers, including the Amazon EBS CSI Driver. To leverage this feature, ensure that your CSI Driver supports the VolumeAttributesClass feature (for the Amazon EBS CSI Driver, upgrade to version 1.35.0 or later to automatically enable the feature). You will be able to create VolumeAttributesClass objects to define the desired volume attributes, such as volume type and throughput, and associate them with your Persistent Volume Claims (PVCs). See the official Kubernetes documentation as well as the documentation of your CSI driver for more information.

Kubernetes support for AppArmor has graduated to stable and is now generally available for public use. This feature allows you to protect your containers with AppArmor by setting the appArmorProfile.type field in the container’s securityContext. Prior to Kubernetes version 1.30, AppArmor was controlled by annotations. Starting with version 1.30, it is controlled using fields. To leverage this feature, we recommend migrating away from annotations and using the appArmorProfile.type field to ensure that your workloads are compatible.

The PersistentVolume last phase transition time feature has graduated to stable and is now generally available for public use in Kubernetes version 1.31. This feature introduces a new field, .status.lastTransitionTime, in the PersistentVolumeStatus, which provides a timestamp of when a PersistentVolume last transitioned to a different phase. This enhancement allows for better tracking and management of PersistentVolumes, particularly in scenarios where understanding the lifecycle of volumes is important.

With Amazon EKS 1.30, the topology.k8s.aws/zone-id label is added to worker nodes. You can use Availability Zone IDs (AZ IDs) to determine the location of resources in one account relative to the resources in another account. For more information, see Availability Zone IDs for your AWS resources in the AWS RAM User Guide.

Starting with 1.30, Amazon EKS no longer includes the default annotation on the gp2 StorageClass resource applied to newly created clusters. This has no impact if you are referencing this storage class by name. You must take action if you were relying on having a default StorageClass in the cluster. You should reference the StorageClass by the name gp2. Alternatively, you can deploy the Amazon EBS recommended default storage class by setting the defaultStorageClass.enabled parameter to true when installing version 1.31.0 or later of the aws-ebs-csi-driver add-on.

The minimum required IAM policy for the Amazon EKS cluster IAM role has changed. The action ec2:DescribeAvailabilityZones is required. For more information, see Amazon EKS cluster IAM role.