There are several Kubernetes versions that have removed APIs. If you upgrade a Google Distributed Cloud cluster to a new Kubernetes version, and your workloads use any APIs that have been removed, your workloads could be disrupted. Follow the steps given here to determine whether your workloads use any of the removed APIs for a given Kubernetes version before you upgrade your cluster.
You can see a list of deleted APIs in each Kubernetes version in this doc.
Determine if the API deletion affects you
To determine if the Kubernetes Service Accounts you use make calls to any deleted APIs, run the supplied query in Logs Explorer:
In the Google Cloud console, go to the Logs Explorer page in the Logging menu.
In the Query field, enter the following query:
resource.labels.cluster_name = "CLUSTER_NAME" AND logName = "projects/PROJECT_ID/logs/externalaudit.googleapis.com%2Factivity" AND protoPayload.authenticationInfo.principalEmail!~("system:serviceaccount:kube-system:") AND protoPayload.authenticationInfo.principalEmail!~("system:serviceaccount:gke-system:") AND protoPayload.authenticationInfo.principalEmail!~("kube-admin") AND protoPayload.authenticationInfo.principalEmail!~("kubernetes-admin") AND labels."k8s.io/removed-release"="KUBERNETES_MINOR_VERSION"The output from this query shows if any of your Kubernetes Service Accounts make deleted API calls in the given KUBERNETES_MINOR_VERSION, for example, 1.25.