Podcast Summary: Kubernetes Podcast from Google

Episode: Kubernetes 1.35: Timbernetes, with Drew Hagen
Hosts: Abdel Sghiouar, Kaslin Fields
Guest: Drew Hagen (Release Lead, Kubernetes 1.35; Senior DevOps Engineer, Medtronic)
Release Date: December 22, 2025

Overview: Main Theme and Purpose

This episode spotlights Kubernetes 1.35, codenamed "Timbernetes," and features Drew Hagen, the release lead, who offers insights into the release cycle, major features, the inspiration behind the new theme and logo, and key deprecations. The conversation delves into what makes this release unique within the broader Kubernetes journey, highlights impactful technical advancements (especially for AI and Edge), and discusses community sustainability.

Key Discussion Points and Insights

The "Timbernetes" Theme: Origins and Meaning

[02:26-04:52]

The name "Timbernetes" draws inspiration from the Norse mythology concept of Yggdrasil, the world tree, symbolizing Kubernetes as a global, living ecosystem.
The theme reflects resilience and diversity across contributors and recognizes the strength of the community's roots.
Drew crafted the logo himself, incorporating RPG-classed squirrels to embody various release team roles (rogue triage, tech wizard, and warrior for branch management).
There’s an intentional continuation of recent release narratives around “resilience and magic.”

"We named the release Timbernetes. It uses the world tree as a metaphor for Kubernetes as a global living system... I really wanted to honor the resilience of the community."
— Drew Hagen [02:47]

Drew Hagen’s Journey to Release Lead

[05:25-08:17]

This is Drew's first time as release lead; he previously shadowed the lead and led multiple subteams (Enhancements, Communications, Docs, Release Signal).
Emphasizes the collaborative process: Each release lead has 3–5 shadows and works with subproject owners for collective delivery.

"I've been on the release team for three years... It's been really exciting to see this project and all the guardrails, and all the people that come together."
— Drew Hagen [06:20]

Behind the Scenes: Release Lead Coordination vs. Technical Work

[10:33-12:23]

While Drew’s hands-on Kubernetes work is less frequent in his current job, prior experience helps empathize with users and ensure documentation and communications are relevant.
The release lead role is mostly about coordination and decision-making, not always deep technical contributions.

"Most of the time when I did start geeking out and digging deep, I would find my team was doing excellent work. I really had nothing to worry about and my trust was in good hands."
— Drew Hagen [11:02]

Kubernetes 1.35 By the Numbers

[12:23-13:18]

60 enhancements: 17 stable, 19 beta, 22 alpha.
Major deprecation: NGINX Ingress Controller is moving to best-effort maintenance in 2026, with full deprecation later.

Major Features and Highlights (with Timestamps)

In-Place Pod Resource Updates – Blockbuster Feature

[13:18-14:57]

KEP 1287 (now stable): Adjust CPU/memory requests/limits on a running pod—without a restart.
Eliminates downtime from configuration changes, making vertical scaling and dynamic workloads smoother.

"What's really powerful about this is that we can make in-place updates to adjust the CPU, memory requests and limits on the pod without restarting it."
— Drew Hagen [13:33]

Enhanced Scheduling and Node Features

Game Scheduling Support
[15:10-15:50]

Natively schedule groups of pods—all or none—important for AI/model training jobs that require coordinated startup.

Taints, Tolerations, and Scoring
[15:51-16:12]

Numerical comparisons to allocate pods to nodes (e.g., preferring on-demand vs. spot nodes for reliability).

Node-Declared Features
[18:33-19:33]

KEP 5328: Nodes actively declare supported features (hardware, OS, etc.)
Key for both AI (e.g., ensuring nodes have GPUs) and Edge (e.g., clarifying cluster heterogeneity).

"Nodes can have a lot of different versions... we'll finally have this capability for nodes to declare the features that they do support at schedule time."
— Drew Hagen [16:15]

Opportunistic Batching

[16:38-16:56]

Allows similar pods/jobs to be efficiently scheduled in batches, reducing turnaround time for large or repetitive workloads.

Security Improvements: Pod Certificates and Impersonation

[19:33-20:24]

Native pod certificates for workload identity — reduces dependency on tools like SPIRE or cert-manager.
Lays groundwork for robust, multi-tenant environments.

"I'm just really excited about with 1.35 is to see the simplification that we're doing with cluster architectures... making some of these features native."
— Drew Hagen [20:01]

User Namespaces

Pods can elevate privileges safely—each gets a unique user ID, reducing host risk exposure.

OCI Artifacts as Storage Volumes

[20:24-21:29]

KEP 4643, now beta: Use a container/image registry to provide a data volume ("Image as Volume") for pods.
Particularly impactful for AI (hosting massive model files as attachable images) and Edge deployments.

"To be able to attach a data set as a container image...as you roll it out, maybe you have some removable media that you're using to install those workloads on the edge."
— Drew Hagen [20:54]

Use Cases and Community Stories

[21:45-23:41]

Drew’s Department of Defense background: delivering Kubernetes in air-gapped/edge settings (submarines, fighter jets).
Hosts reference fast food (Chick-fil-A, McDonald's, Target) deploying Kubernetes on-site for point-of-sale systems—a hallmark of Kubernetes’ flexibility into edge and retail.

Deprecations & Operator Warnings

[24:03-27:44]

NGINX Ingress Retirement ([24:03-25:13])

Drew underscores the sustainability challenges—fewer maintainers, time to move to Gateway API or alternatives.

"I think it really brings up a good point about the sustainability of open source...with NGINX Ingress we saw that it's just hard to continue safely without enough maintainer community."
— Drew Hagen [24:03]

Other Critical Deprecations ([26:22-27:44])

cgroups v1 support is removed; now require cgroups v2 hosts.
iptables is deprecated; migrate clusters to nftables.
Last call for containerd 1.x support; 2.x is now required, full removal slated for 1.36.
Operators should plan upgrades accordingly.

"I've been in roles before where it's like, wait a minute, we're not... We're end of support. Oh, we're end of life. Oh, great."
— Drew Hagen [27:39]

Notable Quotes & Memorable Moments

On the Logo and Community
"I wanted to pick something that was fun but also symbolic because...the resilience of all these maintainers that come together with their day jobs, families that they support."
— Drew Hagen [04:52]
On Coordination
"A lot of what I did was delegation and, you know, kind of wrangling cats around the project."
— Drew Hagen [11:02]
On Edge and AI
"For AI, maybe there are nodes that have a capable GPU that can support those training instances. Then it can declare that it has that available."
— Drew Hagen [19:05]

Timestamps for Key Segments

Introduction and Guest Welcome: [00:00] – [01:11]
Origins of Timbernetes Theme: [02:26] – [04:52]
Release Lead Experiences: [05:25] – [08:17]
Technical Coordination vs. Hacking: [10:33] – [12:23]
Release Stats and Headline Features: [12:23] – [13:18]
In-Place Pod Updates: [13:18] – [14:57]
Scheduling, Node Features, and AI Support: [15:10] – [19:33]
Security & Identity: [19:33] – [20:24]
OCI Artifacts as Volume (AI/Edge): [20:24] – [21:29]
Edge Use Cases and Community: [21:45] – [23:41]
NGINX Ingress Deprecation: [24:03] – [25:13]
Operator Warnings & Final Thoughts: [26:22] – [27:44]
Closing Remarks: [27:55] – [28:34]

Closing Thoughts

Drew and the hosts wrap by giving a heads-up to operators on technical deprecations and underscoring the importance of planning ahead. The episode celebrates the resilience and adaptability of the Kubernetes community, with a nod to the ongoing evolution of workloads (especially AI and Edge). The holiday spirit is light, appreciative, and full of optimism for the future.

For more details, see the official Kubernetes 1.35 release announcement blog and associated docs.

Podcast Summary: Kubernetes Podcast from Google

Overview: Main Theme and Purpose

Key Discussion Points and Insights

The "Timbernetes" Theme: Origins and Meaning

[02:26-04:52]

The name "Timbernetes" draws inspiration from the Norse mythology concept of Yggdrasil, the world tree, symbolizing Kubernetes as a global, living ecosystem.
The theme reflects resilience and diversity across contributors and recognizes the strength of the community's roots.
Drew crafted the logo himself, incorporating RPG-classed squirrels to embody various release team roles (rogue triage, tech wizard, and warrior for branch management).
There’s an intentional continuation of recent release narratives around “resilience and magic.”

"We named the release Timbernetes. It uses the world tree as a metaphor for Kubernetes as a global living system... I really wanted to honor the resilience of the community."
— Drew Hagen [02:47]

Drew Hagen’s Journey to Release Lead

[05:25-08:17]

This is Drew's first time as release lead; he previously shadowed the lead and led multiple subteams (Enhancements, Communications, Docs, Release Signal).
Emphasizes the collaborative process: Each release lead has 3–5 shadows and works with subproject owners for collective delivery.

"I've been on the release team for three years... It's been really exciting to see this project and all the guardrails, and all the people that come together."
— Drew Hagen [06:20]

Behind the Scenes: Release Lead Coordination vs. Technical Work

[10:33-12:23]

While Drew’s hands-on Kubernetes work is less frequent in his current job, prior experience helps empathize with users and ensure documentation and communications are relevant.
The release lead role is mostly about coordination and decision-making, not always deep technical contributions.

"Most of the time when I did start geeking out and digging deep, I would find my team was doing excellent work. I really had nothing to worry about and my trust was in good hands."
— Drew Hagen [11:02]

Kubernetes 1.35 By the Numbers

[12:23-13:18]

60 enhancements: 17 stable, 19 beta, 22 alpha.
Major deprecation: NGINX Ingress Controller is moving to best-effort maintenance in 2026, with full deprecation later.

Major Features and Highlights (with Timestamps)

In-Place Pod Resource Updates – Blockbuster Feature

[13:18-14:57]

KEP 1287 (now stable): Adjust CPU/memory requests/limits on a running pod—without a restart.
Eliminates downtime from configuration changes, making vertical scaling and dynamic workloads smoother.

"What's really powerful about this is that we can make in-place updates to adjust the CPU, memory requests and limits on the pod without restarting it."
— Drew Hagen [13:33]

Enhanced Scheduling and Node Features

Game Scheduling Support
[15:10-15:50]

Natively schedule groups of pods—all or none—important for AI/model training jobs that require coordinated startup.

Taints, Tolerations, and Scoring
[15:51-16:12]

Numerical comparisons to allocate pods to nodes (e.g., preferring on-demand vs. spot nodes for reliability).

Node-Declared Features
[18:33-19:33]

KEP 5328: Nodes actively declare supported features (hardware, OS, etc.)
Key for both AI (e.g., ensuring nodes have GPUs) and Edge (e.g., clarifying cluster heterogeneity).

"Nodes can have a lot of different versions... we'll finally have this capability for nodes to declare the features that they do support at schedule time."
— Drew Hagen [16:15]

Opportunistic Batching

[16:38-16:56]

Allows similar pods/jobs to be efficiently scheduled in batches, reducing turnaround time for large or repetitive workloads.

Security Improvements: Pod Certificates and Impersonation

[19:33-20:24]

Native pod certificates for workload identity — reduces dependency on tools like SPIRE or cert-manager.
Lays groundwork for robust, multi-tenant environments.

"I'm just really excited about with 1.35 is to see the simplification that we're doing with cluster architectures... making some of these features native."
— Drew Hagen [20:01]

User Namespaces

Pods can elevate privileges safely—each gets a unique user ID, reducing host risk exposure.

OCI Artifacts as Storage Volumes

[20:24-21:29]

KEP 4643, now beta: Use a container/image registry to provide a data volume ("Image as Volume") for pods.
Particularly impactful for AI (hosting massive model files as attachable images) and Edge deployments.

"To be able to attach a data set as a container image...as you roll it out, maybe you have some removable media that you're using to install those workloads on the edge."
— Drew Hagen [20:54]

Use Cases and Community Stories

[21:45-23:41]

Drew’s Department of Defense background: delivering Kubernetes in air-gapped/edge settings (submarines, fighter jets).
Hosts reference fast food (Chick-fil-A, McDonald's, Target) deploying Kubernetes on-site for point-of-sale systems—a hallmark of Kubernetes’ flexibility into edge and retail.

Deprecations & Operator Warnings

[24:03-27:44]

NGINX Ingress Retirement ([24:03-25:13])

Drew underscores the sustainability challenges—fewer maintainers, time to move to Gateway API or alternatives.

"I think it really brings up a good point about the sustainability of open source...with NGINX Ingress we saw that it's just hard to continue safely without enough maintainer community."
— Drew Hagen [24:03]

Other Critical Deprecations ([26:22-27:44])

cgroups v1 support is removed; now require cgroups v2 hosts.
iptables is deprecated; migrate clusters to nftables.
Last call for containerd 1.x support; 2.x is now required, full removal slated for 1.36.
Operators should plan upgrades accordingly.

"I've been in roles before where it's like, wait a minute, we're not... We're end of support. Oh, we're end of life. Oh, great."
— Drew Hagen [27:39]

Notable Quotes & Memorable Moments

On the Logo and Community
"I wanted to pick something that was fun but also symbolic because...the resilience of all these maintainers that come together with their day jobs, families that they support."
— Drew Hagen [04:52]
On Coordination
"A lot of what I did was delegation and, you know, kind of wrangling cats around the project."
— Drew Hagen [11:02]
On Edge and AI
"For AI, maybe there are nodes that have a capable GPU that can support those training instances. Then it can declare that it has that available."
— Drew Hagen [19:05]

Timestamps for Key Segments

Introduction and Guest Welcome: [00:00] – [01:11]
Origins of Timbernetes Theme: [02:26] – [04:52]
Release Lead Experiences: [05:25] – [08:17]
Technical Coordination vs. Hacking: [10:33] – [12:23]
Release Stats and Headline Features: [12:23] – [13:18]
In-Place Pod Updates: [13:18] – [14:57]
Scheduling, Node Features, and AI Support: [15:10] – [19:33]
Security & Identity: [19:33] – [20:24]
OCI Artifacts as Volume (AI/Edge): [20:24] – [21:29]
Edge Use Cases and Community: [21:45] – [23:41]
NGINX Ingress Deprecation: [24:03] – [25:13]
Operator Warnings & Final Thoughts: [26:22] – [27:44]
Closing Remarks: [27:55] – [28:34]

Closing Thoughts

For more details, see the official Kubernetes 1.35 release announcement blog and associated docs.

Kubernetes 1.35: Timbernetes, with Drew Hagen

Powered by Wave AI

Summary

Podcast Summary: Kubernetes Podcast from Google

Overview: Main Theme and Purpose

Key Discussion Points and Insights

The "Timbernetes" Theme: Origins and Meaning

Drew Hagen’s Journey to Release Lead

Behind the Scenes: Release Lead Coordination vs. Technical Work

Kubernetes 1.35 By the Numbers

Major Features and Highlights (with Timestamps)

In-Place Pod Resource Updates – Blockbuster Feature

Enhanced Scheduling and Node Features

Opportunistic Batching

Security Improvements: Pod Certificates and Impersonation

OCI Artifacts as Storage Volumes

Use Cases and Community Stories

Deprecations & Operator Warnings

Notable Quotes & Memorable Moments

Timestamps for Key Segments

Closing Thoughts

Summary

Podcast Summary: Kubernetes Podcast from Google

Overview: Main Theme and Purpose

Key Discussion Points and Insights

The "Timbernetes" Theme: Origins and Meaning

Drew Hagen’s Journey to Release Lead

Behind the Scenes: Release Lead Coordination vs. Technical Work

Kubernetes 1.35 By the Numbers

Major Features and Highlights (with Timestamps)

In-Place Pod Resource Updates – Blockbuster Feature

Enhanced Scheduling and Node Features

Opportunistic Batching

Security Improvements: Pod Certificates and Impersonation

OCI Artifacts as Storage Volumes

Use Cases and Community Stories

Deprecations & Operator Warnings

Notable Quotes & Memorable Moments

Timestamps for Key Segments

Closing Thoughts