The Kubernetes Bible: Deploy & Manage K8s accross Cloud Platforms
July 1, 2025

Kubernetes 1.34: Security, Performance, and DRA Go GA

Vyom Yadav, Kubernetes Release Team Lead and Software Engineer at Canonical, joins Sylvain Kalache to discuss what’s new in Kubernetes 1.34. With over 58 enhancements, this release focuses on maturing Kubernetes as a secure and performant platform, from API server optimizations to GPU resource management.

What you will learn in this episode:

  • Improved security with projected service account tokens: A new mechanism for pod-level identity when pulling images from private registries, offering better multi-tenant isolation.
  • Mutating admission policies built-in: Kubernetes now supports mutating admission policies natively, reducing the need to maintain external controllers like OPA or Kyverno for simple use cases.
  • Common Expression Language (CEL) as a standard: CEL is now central to multiple Kubernetes components, including admission policies and Device Resource Assignment (DRA), improving consistency across features.
  • DRA goes GA for GPU workloads: DRA general availability marks a milestone for scheduling and sharing GPUs, NICs, and FPGAs across pods — with improved support for auto-scaling and resource prioritization.
  • API server performance revamp: A trio of enhancements — consistent reads from cache, streaming list responses, and snapshotable caches — deliver major efficiency gains for large-scale clusters.

Vyom also shares that ongoing work continues to extend DRA capabilities and strengthen Kubernetes’ foundations for high-performance and secure workloads.