Helm 3.17 (Feb 2025) persists OCI registry logins, debuts `helm chart scavenger` for layer cleanup, and defaults newly‑created charts to API v2, simplifying secure chart distribution.
containerd 2.0 (Nov 2024) stabilises v2 snapshotter APIs, bumps Go 1.22, and ships cgroup‑v2 rootless overlayfs—unlocking improved isolation and performance for Kubernetes CRI implementations.
Rancher’s System Upgrade Controller orchestrates rolling upgrades of K3s and RKE2 via *Plan* CRDs. Version 0.13 (Jan 2025) adds HelmChartPlan support and pre‑drain hooks for zero‑downtime node cycling.
Rook 1.15 (Dec 2024) streamlines Ceph CSI auto‑config, enables n‑way stretch clusters, and introduces object‑bucket replication—providing resilient file, block, and object storage in Kubernetes.
Rancher Kubernetes Engine 2 packages upstream Kubernetes 1.30 with CIS hardening, SELinux by default, and controllable component versions. Binary bundles include containerd, CoreDNS, and Canal CNI for production‑ready clusters.
Kustomize 5.x supports composition of base overlays, introduces `varReference` schema validation, and allows remote OCI bases—enabling GitOps pipelines to generate deterministic, secrets‑free manifests.
Istio 1.23 (Apr 2025) finalises ambient sidecar‑less dataplane, halves memory footprint, and integrates Kubernetes Gateway API for unified traffic management and zero‑trust mTLS across clusters.
Cilium 1.16 (Feb 2025) adds L7 policy for Kafka, accelerates kube‑proxy replacement with eBPF, and graduates Mesh mode with Envoy‑free Hubble observability—offering high‑performance networking and security.
NGINX Ingress Controller 3.1 (Mar 2025) supports Gateway API Gamma, includes dynamic mTLS certificate rotation, and ships an improved Prometheus exporter for real‑time traffic stats.
ExternalDNS 0.15.1 (Jan 2025) syncs Kubernetes Services and Ingress hosts to 20+ DNS providers—including Route 53, Cloudflare, and Google Cloud DNS. Recent helm updates add `labelFilter`, `managedRecordTypes`, and templated service‑account annotations, easing multi‑tenant record management.
CoreDNS 1.13 (Jun 2025) becomes the default DNS plugin for Kubernetes 1.31, adding OpenTelemetry spans, improved negative‑cache TTL handling, and a rewriten *auto* plugin that watches CRDs for dynamic stub zones.
PowerDNS 4.9 (Apr 2025) introduces native DNS‑over‑HTTPS support, incremental AXFR optimisation, and Lua 5.4 policy scripts—making multi‑tenant authoritative zones faster and more secure.
cloudflared 2025.4 introduces QUIC multiplex transport, automatic token refresh, and Kubernetes Sidecar mode—creating secure outbound tunnels that expose services without public ingress IPs.
HashiCorp Consul 1.18 (Jan 2025) enhances Mesh Gateway federation, embeds wasm‑based traffic filters, and adds xDS control‑plane sync—simplifying multi‑cluster service discovery and resilience.
Vault 1.16 (May 2025) ships Key Management Secrets Engine GA, native OIDC token exchange, and performance‑standing splits—delivering unified secrets, encryption, and IAM workflows for cloud‑native apps.
GitHub Packages (May 2025) supports OCI‑conformant Helm and WASM artifacts, fine‑grained PAT scopes, and registry firewall rules—allowing teams to co‑locate images, SBOMs, and Helm charts with their code.
