Kubernetes v1.36.2 - Dynamic Resource Allocation Fixes and CSI Stability
Kubernetes v1.36.2 arrived on June 12, 2026, as the second patch release for the 1.36 branch. This update delivers critical fixes for the Dynamic Resource Allocation system and addresses a storage issue that could lead to stale volume data.
The full release notes and downloads are on the GitHub release page.
Dynamic Resource Allocation Scheduler Fixes
The most significant changes in this release involve the Dynamic Resource Allocation or DRA system. The maintainers fixed a scheduler bug that could lead to incorrect resource assignments. Specifically, a bug in the scheduler could assign mutually exclusive device partitions to multiple Pods. This issue occurred when DRA drivers used shared counters together with multi allocatable devices. Depending on the specific device and driver in use, this double allocation could result in workload failures, device conflicts, or even data loss.
In addition to the allocation fix, this patch resolves a scenario where Pods could get stuck in a Pending state. This happened when Pods shared multi node claims while also possessing per node claims. The scheduler now handles these overlapping requirements more reliably.
The kube-scheduler also received a fix for a potential panic. The crash occurred when a DRA ResourceClaim using the allocationMode: All setting selected a device that consumed shared counters. These stability improvements make the DRA feature much safer for production environments where hardware acceleration or specialized devices are managed through these new APIs.
CSI Volume and Mount Stability
Storage operators will find an important fix for CSI volume management. In previous versions, the kubelet could delete the CSI mount directory if a periodic NodePublishVolume call failed. This happened specifically when the CSIDriver specification had requiresRepublish set to true.
When the call returned an error, the kubelet would remove the directory, leaving the Pod with stale volume contents. Subsequent successful attempts to republish the volume could not always repair this state. This release ensures that mount directories are handled more gracefully during transient errors, preventing Pods from losing access to their data or seeing inconsistent file system states.
Core Controller and Secret Fixes
The endpoint controller received a fix for a panic that affected services with an empty IPFamilies field. This mostly impacted older services that existed before dual stack support was introduced and had never been updated. While rare in newer clusters, this fix ensures that older workloads do not crash the controller during reconciliation.
There is also a fix for a regression involving suspended Jobs. In version 1.36, attempts to modify scheduling directives like nodeSelector, tolerations, or node affinity on a suspended Job were sometimes rejected. This occurred if the JobSuspended condition had not yet been set by the job controller. The update restores the expected behavior, allowing operators to adjust these directives before a Job is resumed.
Finally, this release includes a fix for handling Secrets that contain binary data. A regression in the 1.34 branch caused issues when containers used environment values sourced from Secrets containing non utf8 data. This fix is particularly important for workloads that store cryptographic keys, certificates, or other binary blobs in Secret objects and expect them to be available as environment variables.
Go 1.26.4 Update
Following the standard practice for Kubernetes patch releases, the binaries for v1.36.2 are built using the latest Go version. This release moves to Go 1.26.4. Staying current with Go patches is vital for picking up the latest security fixes and compiler improvements from the upstream Go team.
Where to get it
You can download the binaries and read the detailed changelog through the following links:
- Kubernetes v1.36.2 Release Page
- Main Kubernetes Repository
- The release tag is
v1.36.2
Users running the 1.36 branch are encouraged to upgrade to this patch release to benefit from the scheduling and storage stability fixes.