Grafana vs Kubernetes
Side-by-side trajectory, velocity, and editorial themes.
Grafana ships a coordinated multi-branch security wave on top of the v13 release.
The recent timeline is dominated by security work: a synchronized May 12 release of patched builds across five supported lines (11.6, 12.2, 12.3, 12.4, 13.0) covering the same ten CVEs, plus a June 2 follow-on patch for 13.0.2 addressing a fresh batch including a Loki path-traversal and a Geomap URL sanitization fix. Underneath that, v13.0 itself shipped in April with bundled-datasource dashboards, the redesigned logs panel from v12.3, and the dynamic-dashboard automation from v12.4.
Grafana is operating a mature CNA-style disclosure pipeline — vendor-acknowledgement timestamps in patch notes suggest a private partner channel and synchronized backports. The product direction itself is consolidating around dashboard automation, logs UX, and easier onboarding. The two streams (feature shipping and security cadence) run in parallel without slowing each other.
Expect 13.0.x patch releases at roughly monthly cadence as more partner-acknowledged vulns land, alongside continued investment in dashboard templating and the logs/traces explorers that v12.3 and v12.4 set up.
Kubernetes 1.36 leans into workload-aware scheduling while clearing legacy security debt.
Kubernetes is mid-release cycle around v1.36, with multiple long-running features graduating to Beta or GA — Mixed Version Proxy, PSI metrics, volume group snapshots, and DRA maturation. The project is simultaneously deprecating Service.externalIPs over a six-year-old CVE class and archiving the official Dashboard in favor of Headlamp. The cadence is steady upstream release-train work, weighted toward AI/ML workload primitives this quarter.
The center of gravity is shifting toward batch and AI/ML workloads — the new PodGroup API, gang scheduling, DRA expansion, and workload-aware scheduling primitives all point that way. Security and ecosystem hygiene (CVE record correction, ExternalIPs removal, Dashboard sunset) are getting equal weight, suggesting the project is using v1.36 to clear inherited liabilities. etcd 3.7 entering beta means storage-layer changes are queued for the next release.
Expect v1.37 to make workload-aware scheduling defaults-on for batch workloads and graduate at least one DRA sub-feature to GA. The ExternalIPs removal will likely land as default-disabled in the same release.
See more alternatives to Grafana →
See more alternatives to Kubernetes →