K8s users were waiting years for this, and v1.33 just made it real
Kubernetes v1.33 introduces a range of improvements, but a few stand out for anyone serious about real-world cluster operations. As someone managing production K8s environments daily, I want to highlight four updates that are particularly relevant to how we handle performance, scheduling, and flexibility in our infrastructure, including one that users have been waiting for for literally years. Let’s dive in.
1. In-Place Pod Resource Resizing (Beta)
This is definitely the most anticipated feature in v1.33. For years, vertical scaling in Kubernetes has meant one thing: restarting your Pod. That changes now.
With in-place pod resource resizing, you can modify CPU and memory requests/limits for running Pods without restarting them. This means zero downtime and no disruption to application state. You now have real-time control over resource allocation.
Why it matters
In practice, this addresses a major limitation that led many teams to avoid VPA (Vertical Pod Autoscaler). VPA can’t work alongside HPA (Horizontal Pod Autoscaler), so teams would often avoid vertical scaling altogether. Instead, they’d overprovision and just eat the cost. This new capability eliminates the need for restart-based scaling, opening the door to smarter resource management.
Suppose you have a backend service that occasionally spikes in memory usage. Before, if you detected a need to raise memory limits, you’d have to relaunch the Pod. Now, with a single patch to the Pod spec, you can increase memory allocation in real time:
kubectl patch pod <pod-name> \
-p '{"spec":{"containers":[{"name":"<container-name>","resources":{"limits":{"memory":"1Gi"}}}]}}'
It’s important to note that this feature, while highly anticipated, also adds complexity to the overall management of your clusters. The reason for this is that when you enlarge a pod, it can suddenly be too big for the node it’s currently inhabiting, so it would then need to be transferred to a node that can hold it, which could cause interruptions.
But even with those further complications, this feature is definitely the big reveal for this update and a game-changer, but below are a few more minor, newly available features in v1.33:
2. Mounting Images as Volumes (Beta)
This feature allows you to mount container images directly as volumes within your Pods. Think of it like preloading your Pod with a specific set of files from a container image, without actually running the container.
Why it matters
This is great for delivering static assets, configs, or binaries that don’t change often. Instead of bundling these with every container or managing a separate ConfigMap or Volume, you just mount them as an image volume.
Let’s say you want to preload a Pod with diagnostic tools without baking them into the application image. You can mount a container image with those tools as a read-only volume in your Pod spec:
volumes:
- name: debug-tools
image:
name: myregistry/debug-tools:latest
containers:
- name: app
image: myapp:latest
volumeMounts:
- name: debug-tools
mountPath: /tools
readOnly: true
3. Early Handling of Unscheduled Pods (Scheduler ActiveQ Optimization)
Kubernetes v1.33 updates the scheduler to allow handling unscheduled Pods even when the active scheduling queue (ActiveQ) is empty. Previously, the scheduler wouldn’t begin processing the unschedulable queue unless the active one had Pods in it. That led to delays.
Why it matters
This change improves scheduling responsiveness. In real scenarios, if your workloads were unschedulable due to resource constraints, and no new Pods were entering the ActiveQ, the scheduler might not reconsider those Pods promptly. This update fixes that.
Let’s say a batch job couldn’t be scheduled due to CPU limits. Previously, after scaling up node capacity, the job might not get picked up right away. Now, with the new logic, the scheduler will actively look at the unschedulable queue even when ActiveQ is empty—meaning faster scheduling once conditions change.
4. Pod procMount Field (GA)
This one’s for security-sensitive workloads. The procMount option in the Pod spec lets you control how the /proc filesystem is mounted inside containers. As of v1.33, it’s now stable.
Why it matters
By default, Kubernetes uses the Default mount type, but some applications or hardened security environments may require hiding kernel pointers using the Unmasked option (for legacy compatibility) or enabling more restrictive behavior.
Here’s how you can use it to explicitly define the mount type:
securityContext:
procMount: Default # or Unmasked
For containers running with escalated privileges or doing kernel-level monitoring, having control over /proc is critical. This feature gives you that control in a native, declarative way.
These four enhancements move us closer to what Kubernetes should be: a more dynamic, responsive, and secure system. If you’re managing large clusters or mission-critical workloads, start testing these features now. Kubernetes v1.33 is a meaningful step forward.
Related Articles
-
Kubernetes Updates – June
July 16, 2025 -
The endless cycle of manual K8s cost optimization is costing you
July 2, 2025 -
This is the #1 cloud budget killer (and it’s easier to fix than you think)
June 16, 2025 -
Kubernetes Updates – April 2025
May 21, 2025 -
Why Most K8s Optimization Strategies Fail (And How to Fix Yours)
May 20, 2025
