Runtime Briefing — Kubernetes 1.26 "Electrifying"
The Kubernetes project released version 1.26 on December 9, 2022, stabilizing PodSecurity admission, promoting Windows privileged containers, and extending CSI sidecar features for platform operators.
Executive briefing: The Kubernetes Release Team shipped Kubernetes 1.26 on . The "Electrifying" release continues pod security hardening, upgrades Windows container support, and advances storage extensibility for multi-cloud clusters.
Key features
- PodSecurity admission GA. The PodSecurity admission controller graduates to stable, replacing PodSecurityPolicy with standards-based enforcement.
- Windows privileged containers. HostProcess containers reach stable status, unlocking node management agents on Windows worker nodes.
- CSI migration progress. CSI migration for in-tree plugins (AWS EBS, OpenStack Cinder) advances, supporting consistent storage provisioning.
- CRI improvements. Container Runtime Interface (CRI) updates improve node startup latency and logging for containerd-based clusters.
Implementation guidance
- Transition from deprecated PodSecurityPolicy manifests to namespace-level PodSecurity admission profiles.
- Validate Windows node groups for HostProcess workloads and align RBAC controls with privileged operations.
- Audit CSI driver readiness and update storage classes to supported sidecar versions before upgrading control planes.