Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ tags:
- feature-announcement
- networking
- node-management
- apeiro
---
Gardener is continually evolving to offer greater flexibility and efficiency in managing Kubernetes clusters. A significant enhancement has been introduced that addresses a common networking challenge: the requirement for completely disjoint network CIDR blocks between a shoot cluster and its seed cluster. Now, Gardener allows for IPv4 network overlap in specific scenarios, providing users with more latitude in their network planning.
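Review bot: the new `apeiro` entry at the end of this `tags:` list is not explained in any hunk shown on this page. The neighbouring tags (`feature-announcement`, `networking`, `node-management`) name the post's type or topic, while `apeiro` does not say on its own what it classifies. Suggest documenting the tag's meaning and which posts qualify, in the PR description or wherever the blog's tags are described, so later posts are tagged consistently.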

Expand Up @@ -17,6 +17,7 @@ aliases: ["/blog/2025/05/19/enhanced-node-management-introducing-in-place-update
tags:
- feature-announcement
- node-management
- apeiro
---
Gardener is committed to providing efficient and flexible Kubernetes cluster management. Traditionally, updates to worker pool configurations, such as machine image or Kubernetes minor version changes, trigger a rolling update. This process involves replacing existing nodes with new ones, which is a robust approach for many scenarios. However, for environments with physical or bare-metal nodes, or stateful workloads sensitive to node replacement, or if the virtual machine type is scarce, this can introduce challenges like extended update times and potential disruptions.

Expand Up @@ -13,6 +13,7 @@ tags:
- cost-optimization
- security
- dashboard
- apeiro
---
Gardener Dashboard version 1.80 introduces several significant enhancements aimed at improving user experience, credentials management, and overall operational efficiency. These updates bring more clarity to credential handling, a smoother experience for managing large numbers of clusters, and a move towards a more reactive interface.

Expand Up @@ -13,6 +13,7 @@ tags:
- networking
- node-management
- provider-gcp
- apeiro
---
Gardener has recently refined how it determines the readiness of `kube-proxy` components within managed Kubernetes clusters. This adjustment leads to more accurate system health reporting, especially during node scale-down operations orchestrated by `cluster-autoscaler`.

Expand Up @@ -12,6 +12,7 @@ tags:
- feature-announcement
- security
- node-management
- apeiro
---
Gardener continues to enhance its operational capabilities, and a recent improvement introduces a much-requested feature for managing gardenlets: the ability to forcefully trigger their redeployment. This provides operators with greater control and a streamlined recovery path for specific scenarios.

Expand Up @@ -12,6 +12,7 @@ aliases: ["/blog/2025/05/21/streamlined-node-onboarding-introducing-gardenadm-to
tags:
- feature-announcement
- node-management
- apeiro
---
Gardener continues to enhance its `gardenadm` tool, simplifying the management of autonomous Shoot clusters. Recently, new functionalities have been introduced to streamline the process of adding worker nodes to these clusters: the `gardenadm token` command suite and the corresponding `gardenadm join` command. These additions offer a more convenient and Kubernetes-native experience for cluster expansion.

Expand Up @@ -10,6 +10,7 @@ authors:
aliases: ["/blog/2025/06/06-17-taking-gardener-to-the-next-level-highlights-from-the-7th-gardener-community-hackathon-in-schelklingen"]
tags:
- community-event
- apeiro
---
# Taking Gardener to the Next Level: Highlights from the 7th Gardener Community Hackathon in Schelklingen
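Review bot: the `aliases` context line in this hunk uses the path `/blog/2025/06/06-17-taking-gardener-...`, whereas the other alias lines visible in this patch follow a `/blog/YYYY/MM/DD/slug` shape (for example `/blog/2025/06/18/...`). This is not introduced by the `apeiro` addition, but since the front matter is being touched it is worth confirming that the alias resolves as intended.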

Expand Up @@ -13,6 +13,7 @@ tags:
- networking
- node-management
- provider-gcp
- apeiro
---
Gardener continues to enhance its networking capabilities, now offering a streamlined migration path for existing IPv4-only shoot clusters on Google Cloud Platform (GCP) to dual-stack (IPv4 and IPv6). This allows clusters to leverage the benefits of IPv6 networking while maintaining IPv4 compatibility.

Expand Up @@ -11,6 +11,7 @@ aliases: ["/blog/2025/06/18/enhanced-extension-management-introducing-autoenable
tags:
- feature-announcement
- extensions
- apeiro
---
Gardener's extension mechanism has been enhanced with two new fields in the `ControllerRegistration` and `operatorv1alpha1.Extension` APIs, offering operators more granular control and improved safety when managing extensions. These changes, detailed in [PR #11982](https://github.com/gardener/gardener/pull/11982), introduce `autoEnable` and `clusterCompatibility` for resources of `kind: Extension`.

Expand Up @@ -11,6 +11,7 @@ aliases: ["/blog/2025/06/18/enhanced-internal-traffic-management-l7-load-balanci
tags:
- feature-announcement
- networking
- apeiro
---
Gardener continuously evolves to optimize performance and reliability. A recent improvement focuses on how internal control plane components communicate with `kube-apiserver` instances, introducing cluster-internal Layer 7 (L7) load balancing to ensure better resource distribution and system stability.

Expand Up @@ -14,6 +14,7 @@ aliases: ["/blog/2025/06/18/gardener-enhances-observability-with-opentelemetry-i
tags:
- technical-deep-dive
- observability
- apeiro
---
Gardener is advancing its observability capabilities by integrating OpenTelemetry, starting with log collection and processing. This strategic move, outlined in [GEP-34: OpenTelemetry Operator And Collectors](https://github.com/gardener/gardener/pull/11861), lays the groundwork for a more standardized, flexible, and powerful observability framework in line with Gardener's [Observability 2.0 vision](https://github.com/gardener/logging/blob/master/docs/observability-2.0/Observability%202.0.md).

Expand Up @@ -16,6 +16,7 @@ tags:
- security
- storage
- node-management
- apeiro
---
Gardener has introduced a new feature gate, `DoNotCopyBackupCredentials`, to enhance the security and clarity of how backup credentials for managed seeds are handled. This change moves away from an implicit credential-copying mechanism to a more explicit and secure configuration practice.

Expand Up @@ -12,6 +12,7 @@ tags:
- tutorial
- security
- observability
- apeiro
---
In this blog post, we will explore how to set up an [OpenTelemetry](https://opentelemetry.io/) based observability stack on a Gardener shoot cluster. OpenTelemetry is an open-source observability framework that provides a set of APIs, SDKs, agents, and instrumentation to collect telemetry data from applications and systems.
It provides a unified approach for collecting, processing, and exporting telemetry data such as traces, metrics, and logs. In addition, it gives flexibility in designing observability stacks, helping avoid vendor lock-in and allowing users to choose the most suitable tools for their use cases.
Expand Up @@ -13,6 +13,7 @@ tags:
- networking
- node-management
- extensions
- apeiro
---
Gardener continues to enhance its networking capabilities, offering users greater flexibility in managing their cluster landscapes. A significant advancement is the extension of IPv4 network overlap support to Shoot clusters with high-availability (HA) control planes. Previously a feature exclusive to non-HA Shoots, this update allows both single-stack IPv4 and dual-stack Shoots to utilize pod, service, and node network ranges that overlap with the networks of their Seed cluster.

Expand Up @@ -15,6 +15,7 @@ tags:
- provider-azure
- provider-gcp
- provider-openstack
- apeiro
---
Running Kubernetes clusters at scale comes with its own challenges.

Expand Up @@ -13,6 +13,7 @@ tags:
- cost-optimization
- networking
- node-management
- apeiro
---
The `node-local-dns` feature in Kubernetes significantly improves DNS reliability and performance by running a dedicated caching agent on each cluster node. However, enabling or disabling this feature in Gardener historically required a full, time-consuming rolling update of all worker nodes. A recent enhancement streamlines this process, improving operational efficiency and reducing disruption.

Expand Up @@ -10,6 +10,7 @@ authors:
aliases: ["/blog/2025/08/27/new-emergency-brake-for-gardener-shoot-reconciliations"]
tags:
- technical-deep-dive
- apeiro
---
In large-scale Kubernetes landscapes, ensuring stability during updates is paramount. A faulty configuration or update can propagate quickly, potentially impacting numerous clusters. To provide operators with a powerful tool to mitigate such risks, Gardener has introduced an emergency stop mechanism for `Shoot` reconciliations.

1 change: 1 addition & 0 deletions website/blog/2025/09/09-05-ipv6-update.md
Expand Up @@ -12,6 +12,7 @@ tags:
- technical-deep-dive
- networking
- extensions
- apeiro
---
The internet is built on the Internet Protocol (IP), and for decades, its fourth version, IPv4, has been the bedrock of global connectivity. However, the explosive growth of the internet, a phenomenon that began in the 1990s, made it clear that the 32-bit address space of IPv4 was finite and rapidly depleting. The long-foreseen solution, IPv6, with its vast 128-bit address space, has been around for nearly 30 years, but its adoption has been a slow and steady marathon rather than a sprint.

Expand Up @@ -12,6 +12,7 @@ tags:
- technical-deep-dive
- security
- networking
- apeiro
---
Gardener's DNS management capabilities have been enhanced to provide a more explicit, secure, and flexible method for configuring internal DNS for `Seed` clusters. This change moves away from a global, label-based secret selection to a direct configuration within the `Seed` API.

Expand Up @@ -12,6 +12,7 @@ tags:
- technical-deep-dive
- observability
- storage
- apeiro
---

Gardener is introducing a significant enhancement to its logging architecture for shoot clusters. By enabling the new `OpenTelemetryCollector` feature gate, shoots will be instrumented with the power and flexibility of the [OpenTelemetry Collector](https://opentelemetry.io/docs/collector/) to process and route shoot logs. This marks a key step in the evolution of Gardener's observability stack, as outlined in [GEP-34](https://github.com/gardener/enhancements/blob/main/geps/0034-observability2.0-opentelemetry/README.md).
Expand Up @@ -13,6 +13,7 @@ tags:
- security
- observability
- extensions
- apeiro
---
Gardener has introduced a new feature that enhances the discoverability of services running within a Shoot's control plane. While the `.status.advertisedAddresses` field in the `Shoot` resource has always provided key endpoints like the API server URL, it now supports extension by other components.

1 change: 1 addition & 0 deletions website/blog/2025/11/11-12-gardener-ai-conformance.md
Expand Up @@ -10,6 +10,7 @@ authors:
aliases: ["/blog/2025/11/12/gardener-ai-conformance"]
tags:
- technical-deep-dive
- apeiro
---
We are happy to announce that Gardener is one of the first Kubernetes offerings to report official AI Conformance, as defined by the Cloud Native Computing Foundation's (CNCF) Kubernetes AI Conformance Working Group. This significant milestone underscores Gardener's commitment to providing a robust, scalable, and reliable platform for running modern, resource-intensive AI and machine learning (ML) workloads.

1 change: 1 addition & 0 deletions website/blog/2025/11/11-13-promcon-eu-2025.md
Expand Up @@ -14,6 +14,7 @@ aliases: ["/blog/2025/11/12/promcon-eu-2025"]
tags:
- community-event
- observability
- apeiro
---
PromCon EU 2025, the 10th annual conference for Prometheus users and developers, took place on October 21st and 22nd. After being held in Berlin for two years, the event was kindly hosted by Google in Munich again this year. Since Prometheus and related tools are the core of Gardener's monitoring stack, we were excited to attend, connect with the community, and learn about the latest developments in the Prometheus ecosystem.
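Review bot: the file touched here is `11-13-promcon-eu-2025.md`, but the `aliases` context line in the hunk header points at `/blog/2025/11/12/promcon-eu-2025`, while the neighbouring `11-12-gardener-ai-conformance.md` has an alias whose date matches its file name. If the alias is meant to preserve an older URL this is fine. Otherwise, suggest aligning the date while this front matter is being edited.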

Expand Up @@ -15,6 +15,7 @@ tags:
- storage
- node-management
- etcd
- apeiro
---
Maintaining a strong security posture is crucial for any Kubernetes environment. A key aspect of this is the regular rotation of credentials. To simplify this essential task and reduce operational overhead, Gardener now supports the automatic rotation of several critical credentials during a `Shoot` cluster's maintenance window.

Expand Up @@ -13,6 +13,7 @@ tags:
- security
- helm
- extensions
- apeiro
---
Gardener continues to enhance its security and flexibility, particularly for users operating in air-gapped environments or utilizing private infrastructure. A new feature now allows operators to specify a custom Certificate Authority (CA) bundle when pulling Helm charts from OCI registries. This is a significant improvement for environments where registries are secured with custom or self-signed TLS certificates.

Expand Up @@ -14,6 +14,7 @@ tags:
- security
- node-management
- extensions
- apeiro
---
Managing configurations consistently across a fleet of Kubernetes clusters can be a complex task. Operators often need a straightforward way to deploy baseline resources—such as security policies, resource quotas, or RBAC rules—to all or a subset of their clusters without the overhead of building and maintaining a full-blown extension.

Expand Up @@ -10,6 +10,7 @@ authors:
tags:
- feature-announcement
- extensions
- apeiro
aliases: ["/blog/2026/03/18/say-goodbye-to-provider-extensions-introducing-the-new-remote-setup"]
---

Expand Up @@ -11,6 +11,7 @@ authors:
tags:
- feature-announcement
- high-availability
- apeiro
aliases: ["/blog/2026/04/01/fine-tune-your-shoot-control-plane-placement-with-zone-awareness"]
---
