Kubernetes v1.27 Release Highlights: New Features, Enhancements, and Deprecations

Kubernetes v1.27, the first release of 2023, arrives with a light‑hearted theme and a new logo, marking a notably calm release cycle where no feature required an exception after the enhancement freeze.

The most visible change is the migration from the legacy k8s.gcr.io image registry to the community‑run registry.k8s.io , which will be frozen and no longer receive new images.

Security improvements include promoting SeccompDefault to GA; clusters must enable the --seccomp-default flag on kubelet to use the RuntimeDefault profile by default.

Job scheduling gains a new GA feature: mutable scheduling directives, allowing pre‑run updates to node affinity, selectors, tolerations, labels, annotations, and scheduling gates for unsuspended jobs.

The DownwardAPI now supports hugepages requests and limits as a stable feature, aligning resource specifications with CPU and memory.

Pod scheduling readiness moves to beta, giving users control over when a pod is considered ready for scheduling via .spec.schedulingGates .

An alpha feature, NodeLogQuery, lets administrators query system logs on nodes through the Kubernetes API, provided the appropriate feature gates and kubelet flags are enabled.

The ReadWriteOncePod access mode is promoted to beta, adding scheduler pre‑emption support for pods that require exclusive volume writes.

SELinux relabeling is optimized by mounting volumes with the correct label context instead of recursively relabeling files, improving pod startup speed.

The VolumeManager reconstruction is upgraded to beta, offering more reliable mounted‑volume discovery during kubelet startup.

Nine enhancements graduate to stable in this release, including default container annotations for kubectl, CronJob time‑zone support, pod resource request/limit metrics, server‑side unknown field validation, node topology manager, gRPC probes for liveness/readiness/startup, configurable probe grace periods, OpenAPI v3, and continued support for the latest Go versions.

Several APIs and feature gates are removed or deprecated, such as the storage.k8s.io/v1beta1 CSIStorageCapacity version, old seccomp annotations, various command‑line flags (e.g., --master‑service‑namespace , --enable‑taint‑manager ), and numerous feature gates like CSI migration, EphemeralContainers, and NetworkPolicyEndPort.

Full release notes, changelog, and binaries are available on the Kubernetes GitHub repository (https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.27.md and https://github.com/kubernetes/kubernetes/releases/tag/v1.27.0), and the version can be installed locally via tools such as Minikube, Kind, or kubeadm.