Skip to content

Release notes for kOps 1.27 series

Significant changes

  • The default image has been updated to Ubuntu 22.04 (Jammy).

  • The default retention duration for the etcd backups is now set to 90 days. This behaviour can be overridden by setting spec.etcdClusters[*].manager.backupRetentionDays in the cluster spec.

  • external-dns is now supported in IPv6 clusters.

  • Using swap memory is now possible by setting spec.kubelet.memorySwapBehavior.


  • As of Kubernetes version 1.27, all nodes will default to running with instance-metadata-service tokens required, with a max hop limit of 1. Newly created clusters will be configured as necessary to have these settings.

  • As of Kubernetes version 1.27, credentials for private ECR repositories will be handled by the out-of-tree credential provider. This is an additional binary that each instance downloads from the assets repository.

  • Karpenter has been upgraded to version 0.27.x and the feature flag is no longer necessary.


  • Improved support for private topology.

  • Support for bastions has been added.


  • Nodes will now assign floating IPs when they are in a subnet that is of type Public. Previously they would do so when the respective topology was set to public.

Breaking changes


  • If storing the state in an S3 bucket, it is now required to either deactivate gossip support (--dns=none) or - for example - provide the credentials via cloud-init. Due to changes in PR#15646 the S3_* variables will not get passed on to the boot script of the nodes anymore. As a result the kops-configuration.service will throw an EnvAccessKeyNotFound: failed to find credentials in the environment. error and they will not join the cluster. Deactivating the gossip support will make the nodes contact the API servers for the bootstrap information.

Other breaking changes

  • Support for Kubernetes version 1.21 has been removed.

Known Issues


  • Support for Kubernetes version 1.22 is deprecated and will be removed in kOps 1.28.

  • Support for Kubernetes version 1.23 is deprecated and will be removed in kOps 1.29.

  • Support for Ubuntu 18.04 is deprecated and will be removed in kOps 1.28.

  • Canal, and Flannel are deprecated and support will be removed for Kubernetes 1.28 and later.

  • Support for AWS Classic Load Balancer for API is deprecated and should not be used for newly created clusters.

  • All legacy addons are deprecated in favor of managed addons, including the metrics server addon and the autoscaler addon.