Introducing GKE extended support: Stay on a GKE minor version for up to 24 months

At Google Cloud, we strongly recommend regular, automatic updates for your Google Kubernetes Engine (GKE) clusters, to keep them secure and up-to-date. But sometimes, businesses have legitimate reasons to delay upgrading their GKE clusters. Whether it's due to your business being in a critical season, qualification delays, or a complex migration, you might need to stay on a specific GKE minor version a bit longer than ideal. 

Today, we’re excited to announce GKE extended support. Starting with GKE version 1.27, clusters can remain officially supported for up to 24 months on a specific GKE minor version. After GKE standard support's 14 months are over, GKE extended support takes over, adding another ~10 months during which clusters continue to receive security patches. GKE extended support is available with the Extended release channel. It complements our ongoing mission for automated, reliable upgrades, ensuring GKE customers benefit from innovation at a pace that is right for them.  

Understanding GKE extended support 

Clusters on the Extended release channel will receive patch upgrades through both standard and extended support periods. During the GKE standard support period, patches occur at the same cadence as for the Regular release channel. At the end of the standard support period (formerly known as the end-of-life date), clusters automatically enter the extended support period. Once a cluster enters this period, it continues to receive security patches. GKE clusters on the Extended release channel stay on the same GKE minor version until shortly before the extended support period ends. You can control the timing and scope of automated cluster upgrade events with maintenance windows and exclusions.

GKE clusters on the Extended release channel are charged an extended support period cluster management fee ($0.50 per cluster per hour) in addition to the standard cluster management fee ($0.10 per cluster per hour). The additional charge applies only when the cluster extended support period starts. There are no additional charges for using the Extended channel during the GKE minor version’s standard support period. You can upgrade to a minor version covered under standard support at any time. Once a cluster is on a standard support version, it can move back to any release channel where that minor version is available. The extended support period management fee is included in the GKE Enterprise edition. Review our GKE pricing.

The Extended release channel will be generally available in the coming weeks. Initially you’ll be able to utilize this feature through gcloud and API, and later through the Google Cloud console. Once a GKE cluster on version 1.27 or later enters the extended support period, it will continue to receive security patches and will be charged the extended period cluster management fee. You can review the GKE release schedule for additional details about GKE v1.27 end of standard support timeline. Cluster eligibility criteria apply, so you’ll need to ensure that your clusters meet the minimum version requirements and disable ineligible features. 

Customers not currently on a release channel are encouraged to move to the Rapid, Regular, Stable or Extended channel.

Frequently asked questions

How do I know if I’m eligible for GKE extended support?
In order for clusters to receive extended support, they must meet certain eligibility criteria, including minimum version requirements and using features that are eligible for extended support. Clusters that are ineligible will not be able to move to the Extended release channel. Review GKE extended support eligibility criteria.

What patches are available during the extended support period?
Medium, high and critical security patches are available for core Kubernetes components, Node OS and Google-managed containers bundled with the GKE cluster version.

For Container-optimized OS (COS) specifically, if node OS end-of-life occurs before the end of the GKE version’s extended support period, patch upgrades use updated supported Container-optimized OS versions. Review GKE release channels guidelines.

How do I configure GKE extended support?
Clusters in the Extended release channel receive extended support automatically upon entering the extended support period — there is no action required on your part. 

However, to receive extended support, ensure that your clusters are on the Extended release channel by moving to the new Extended channel when it is made available in the coming weeks. You can move a cluster from an existing channel to the new Extended release channel at any time as long as the cluster is eligible and the minor release is available in the target release channel. The operation is non-disruptive, although moving to the new Extended release channel may trigger an auto-upgrade to newer patch versions. Cluster administrators can apply maintenance windows and exclusions as needed. Review our GKE release channel documentation.

I’m not on a release channel, how do I move to the Extended release channel?
Assuming that you’ve met the eligibility criteria, moving a cluster that’s not enrolled in a release channel (a.k.a., static or “no channel”) to the Extended release channel works in a similar manner as moving to any other release channel. One difference is the type of control allowed. GKE release channels leverage maintenance exclusions of different scopes, so a cluster with a “no node auto-upgrade” node pool property would have to use the maintenance exclusion of type “No minor or node upgrades” instead. Review our GKE release channel documentation for more details.