By Category

AI Agents CAPA Releases CAPV Releases CAPVCD Releases CAPZ Releases Connectivity Continuous Deployment Developer Portal Documentation Fleet Management Observability Others Security

Workload cluster release vsphere-34.2.0 for CAPV

Apr 28, 2026 CAPV releases releases vsphere-34.2.0

Changes compared to v34.1.1

Components

cluster-vsphere from v4.1.4 to v5.1.3
cluster from v5.1.2 to v5.3.1
Flatcar from v4459.2.3 to v4459.2.4
Kubernetes from v1.34.5 to v1.34.7
os-tooling from v1.26.4 to v1.28.0

cluster-vsphere v4.1.4…v5.1.3

Changed

HelmReleases: Reduce hard-coded default interval from 10m to 5m.
Apps: Enable rbac-bootstrap as a default HelmRelease app.

Fixed

Allow adding additional properties into global.metadata.
Add missing values key to kube-vip-cloud-provider HelmRelease.

cluster v5.1.2…v5.3.1

Added

Apps: Add rbac-bootstrap as a default HelmRelease app with a default ClusterRoleBinding for giantswarm:giantswarm-admins.

Changed

Apps: Use OCIRepository source for rbac-bootstrap HelmRelease.

Fixed

Apps: Change rbac-bootstrap default role from read-all to view and add additional groups for token forwarded cases.

Apps

cert-exporter from v2.9.16 to v2.10.1
cilium from v1.4.1 to v1.4.3
cloud-provider-vsphere from v2.2.0 to v2.4.0
coredns from v1.29.1 to v1.30.0
etcd-defrag from v1.2.4 to v1.2.6
k8s-dns-node-cache from v2.9.2 to v2.11.0
observability-bundle from v2.6.0 to v2.8.0
security-bundle from v1.17.0 to v1.17.1

cert-exporter v2.9.16…v2.10.1

Added

DaemonSet: Add VPA.

Changed

Values: Tune resources.

Fixed

Parse all PEM blocks in secrets and certificate files, not just the first one. This fixes false alerts when multiple certificates are concatenated (e.g. Kyverno webhook cert rotation).

cilium v1.4.1…v1.4.3

Changed

Upgrade Cilium to v1.19.3.
Upgrade Cilium to v1.19.2.

cloud-provider-vsphere v2.2.0…v2.4.0

Changed

Update to upstream v1.35.1.
Set version field of Chart.yaml to latest repo release fix ci checks.
Update to upstream 1.35.0.

Removed

Removed PodSecurityPolicy.
Removed podSecurityPolicy helm value.

coredns v1.29.1…v1.30.0

Added

Add coredns-adopter job to adopt default CoreDNS resources on EKS clusters (disabled by default).

Changed

Update coredns image to 1.14.2.

etcd-defrag v1.2.4…v1.2.6

Changed

Chart: Update dependency ahrtr/etcd-defrag to v0.39.0. (#86)
Chart: Update dependency ahrtr/etcd-defrag to v0.38.0. (#84)

k8s-dns-node-cache v2.9.2…v2.11.0

Added

Add configmap.log.enabled helm value to toggle CoreDNS query logging (default: false).
Make AAAA NOERROR configurable for IPv6.

observability-bundle v2.6.0…v2.8.0

Added

Add KSM metrics for Envoy Gateway resources.
Add application.giantswarm.io/team annotation from HelmReleases as label to KSM emitted metrics.

Changed

Update kube-prometheus-stack to 20.1.0
Change team annotation in Chart.yaml to OpenContainers format (io.giantswarm.application.team).
Update alloy-app to 0.17.1
Update kube-prometheus-stack to 20.0.0
Update prometheus-operator-crd to 20.0.0

security-bundle v1.17.0…v1.17.1

Added

Add io.giantswarm.application.audience and io.giantswarm.application.managed chart annotations for Backstage visibility.

Changed

Update falco (app) to v0.11.2.
Update gel (app) to v1.0.2.
Update kubescape (app) to v0.0.6.
Update reports-server (app) to v0.1.3.
Update starboard-exporter (app) to v1.0.3.
Update trivy (app) to v0.14.2.
Update trivy-operator (app) to v0.12.2.
Migrate chart annotations to OCI-compatible format.