2 changes: 1 addition & 1 deletion website/adopter/_index.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ aside: false
|<img src="./images/b1-systems.png" alt="B1 Systems GmbH"/>| <a href="https://www.b1-systems.de" target="_blank">B1 Systems GmbH</a> is a international provider of Linux &amp; Open Source consulting, training, managed service &amp; support. We are founded in 2004 and based in Germany. Our team of 140 Linux experts offers tailor-made solutions based on cloud &amp; container technologies, virtualization &amp; high availability as well as monitoring, system &amp; configuration management. B1 is using Gardener internally and also set up solutions/environments for customers. |
|<img src="./images/codesphere.png" alt="Codesphere"/>| <a href="https://codesphere.com" target="_blank">Codesphere</a> is a Cloud IDE with integrated and automated deployment of web apps. It uses Gardener internally to manage clusters that host customer deployments and internal systems all over the world.
|<img src="./images/plusserver.png" alt="plusserver"/>| <a href="https://plusserver.com/en" target="_blank">plusserver</a> combines its own cloud offerings with hyperscaler platforms to provide individually tailored multi-cloud solutions. The <a href="https://www.plusserver.com/en/product/managed-kubernetes/" target="_blank">plusserver Kubernetes Engine (PSKE)</a> based on Gardener reduces the complexity in managing multi-cloud environments and enables companies to orchestrate their containers and cloud-native applications across a variety of platforms such as plusserver's pluscloud open or hyperscalers such as AWS, either by mouseclick or via an API. With PSKE, companies remain vendor-independent and profit from guaranteed data sovereignty and data security due to GDPR-compliant cloud platforms in the certified plusserver data centers in Germany.
|<img src="./images/cyso-cloud-logo-transparent.png" alt="Cyso Cloud"/>| <a href="https://cyso.cloud" target="_blank">Cyso Cloud</a> uses Gardener as the basis for its <a href="https://cyso.cloud/managed-kubernetes/" target="_blank">Managed Kubernetes</a>, a <a href="https://my.fuga.cloud/post-emk" target="_blank">platform</a> that simplifies the management of your k8s and provides insight into usage and performance. The other Cyso Cloud service can be added with a mouse click, and the choice of another cloud provider is a negotiable option. Cyso stands for Digital Sovereignty, Data Portability and GDPR compatibility.
|<img src="./images/cyso-cloud-logo-transparent.png" alt="Cyso Cloud"/>| <a href="https://cyso.cloud" target="_blank">Cyso Cloud</a> uses Gardener as the basis for its <a href="https://cyso.cloud/services/managed-kubernetes/" target="_blank">Managed Kubernetes</a>, a <a href="https://my.fuga.cloud/post-emk" target="_blank">platform</a> that simplifies the management of your k8s and provides insight into usage and performance. The other Cyso Cloud service can be added with a mouse click, and the choice of another cloud provider is a negotiable option. Cyso stands for Digital Sovereignty, Data Portability and GDPR compatibility.
|<img src="./images/metalstack.cloud.png" alt="Metalstack Cloud"/>| <a href="https://metalstack.cloud" target="_blank">metalstack.cloud</a> uses Gardener and is based on the open-source software <a href="https://metal-stack.io" target="_blank">metal-stack.io</a>, which is developed for regulated financial institutions. The focus here is on the highest possible security and compliance conformity. This makes metalstack.cloud perfect for running enterprise-grade container applications and provides your workloads with the highest possible performance.
|<img src="./images/cleura-log-black.png" alt="Cleura"/>| <a href="https://cleura.com" target="_blank">Cleura</a> uses Gardener to power its Container Orchestration Engine for <a href="https://cleura.cloud">Cleura Public Cloud</a> and <a href="https://cleura.com/services/compliant-cloud/">Cleura Compliant Cloud</a>. Cleura Container Orchestration Engine simplifies the creation and management of Kubernetes clusters through their user-friendly Cleura Cloud Management Panel or API, allowing users to focus on deploying applications instead of maintaining the underlying infrastructure.
|<img src="./images/pits-globale-datenrettungsdienste.svg" alt="PITS Globale Datenrettungsdienste"/>| <a href="https://www.pitsdatenrettung.de/" target="_blank">PITS Globale Datenrettungsdienste</a> is a data recovery company located in Germany specializing in recovering lost or damaged files from hard drives, solid-state drives, flash drives, and other storage media. Gardener is used to handle highly-loaded internal infrastructure and provide reliable, fully-managed K8 cluster solutions.
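Review bot: The changed Cyso Cloud row keeps its second link, `https://my.fuga.cloud/post-emk`, untouched even though the first link on the same row had to move under `/services/`. Please confirm that target still resolves as part of this change. While the row is open, "The other Cyso Cloud service can be added with a mouse click" reads as if it should be "Other Cyso Cloud services can be added with a mouse click".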
Original file line number Diff line number Diff line change
Expand Up @@ -43,15 +43,15 @@ Shoot clusters may refer to external objects, like `Secrets` for specified DNS p

### Support for Resource Quotas ([gardener/gardener#2627](https://github.com/gardener/gardener/pull/2627))

After the Kubernetes upstream change ([kubernetes/kubernetes#93537](https://github.com/kubernetes/kubernetes/pull/93537)) for externalizing the backing admission plugin has been accepted, we are happy to announce the support of [ResourceQuotas]( https://kubernetes.io/docs/concepts/policy/resource-quotas/) for Gardener offered resource kinds. [ResourceQuotas](https://kubernetes.io/docs/concepts/policy/resource-quotas/) allow you to specify a maximum number of objects per namespace, especially for end-user objects like `Shoots` or `SecretBindings` in a project namespace. Even though the admission plugin is enabled by default in the Gardener API Server, make sure the Kube Controller Manager runs the `resourcequota` controller as well.
After the Kubernetes upstream change ([kubernetes/kubernetes#93537](https://github.com/kubernetes/kubernetes/pull/93537)) for externalizing the backing admission plugin has been accepted, we are happy to announce the support of [ResourceQuotas](https://kubernetes.io/docs/concepts/policy/resource-quotas/) for Gardener offered resource kinds. [ResourceQuotas](https://kubernetes.io/docs/concepts/policy/resource-quotas/) allow you to specify a maximum number of objects per namespace, especially for end-user objects like `Shoots` or `SecretBindings` in a project namespace. Even though the admission plugin is enabled by default in the Gardener API Server, make sure the Kube Controller Manager runs the `resourcequota` controller as well.

### Watch Out Developers, Terraformer v2 is Coming! ([gardener/gardener#3034](https://github.com/gardener/gardener/pull/3034))

Although not related only to Gardener core, the preparation towards [Terraformer v2](https://github.com/gardener/terraformer/pull/48) in the [extensions library](https://github.com/gardener/gardener/tree/master/extensions) is still an important milestone to mention. With Terraformer v2, Gardener extensions using Terraform scripts will benefit from great consistency improvements. Please check out [PR #3034](https://github.com/gardener/gardener/pull/3034), which demonstrates necessary steps to transition to Terraformer v2 as soon as it’s released.

## Notable Changes in v1.11

The Gardener community worked eagerly to deliver plenty of improvements with version v1.11. Those help us to further progress with topics like [control plane migration]( https://github.com/gardener/gardener/blob/master/docs/proposals/07-shoot-control-plane-migration.md), which is actively being worked on, or to harden our load balancer consolidation ([APIServerSNI](https://github.com/gardener/gardener/blob/master/docs/proposals/08-shoot-apiserver-via-sni.md)) feature.
The Gardener community worked eagerly to deliver plenty of improvements with version v1.11. Those help us to further progress with topics like [control plane migration](https://github.com/gardener/enhancements/blob/main/geps/0007-shoot-control-plane-migration/README.md), which is actively being worked on, or to harden our load balancer consolidation ([APIServerSNI](https://github.com/gardener/enhancements/blob/main/geps/0008-shoot-apiserver-via-sni/README.md)) feature.
Besides improvements and fixes (full list available in release notes), this release contains major features as well, and we don’t want to miss a chance to walk you through them.

### Gardener Admission Controller ([gardener/gardener#2832](https://github.com/gardener/gardener/pull/2832)), ([gardener/gardener#2781](https://github.com/gardener/gardener/pull/2781))
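Review bot: Both new GEP links in the "Notable Changes in v1.11" paragraph point at `blob/main` in `gardener/enhancements`, so this dated release post will break again the next time a GEP directory is renamed or moved, which is the same kind of move this PR is compensating for. For a historical blog post, consider linking a commit-pinned permalink instead of the moving `main` branch.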
6 changes: 3 additions & 3 deletions website/blog/2021/02/02.01-happy-anniversary-gardener.md
Original file line number Diff line number Diff line change
Expand Up @@ -88,8 +88,8 @@ Of course, this meant implementation effort. But by reusing the Gardener project
## Full Speed Ahead with the Community in 2021

Some of the current and most active topics are about the installer ([Landscaper](https://github.com/gardener/landscaper)),
[control plane migration](https://github.com/gardener/gardener/blob/master/docs/proposals/07-shoot-control-plane-migration.md),
[automated seed management](https://github.com/gardener/gardener/blob/master/docs/proposals/13-automated-seed-management.md) and
[control plane migration](https://github.com/gardener/enhancements/blob/main/geps/0007-shoot-control-plane-migration/README.md),
[automated seed management](https://github.com/gardener/enhancements/blob/main/geps/0013-automated-seed-management/README.md) and
documentation. Even though once you are into Kubernetes and then Gardener, all complexity falls into place, you can make all the semantic connections yourself. But beginners that join the community without much prior knowledge should experience a ramp-up with slighter slope. And that is currently a pain point. Experts directly ask questions about documentation not being up-to-date or clear enough. We prioritized the functionality of what you get with Gardener at the outset and need to catch up.
But here is the good part: Now that we are starting the installation subject, later we will have a much broader picture of what we need to install and maintain Gardener, and how we will build it.

Expand All @@ -112,6 +112,6 @@ Users of a particular product or service increasingly vote/decide for open sourc

### #3 Cloud Native Skills

Gardener solves problems by applying Kubernetes and Kubernetes principles itself. Developers and operators who obtain familiarity with Kubernetes will immediately notice and appreciate our concept and can contribute intuitively. The Gardener maintainers feel responsible to facilitate community members and contributors. Barriers will further be reduced by our ongoing landscaper and documentation efforts. This is why we are so confident on [Gardener adoption](../../adopter/_index.md).
Gardener solves problems by applying Kubernetes and Kubernetes principles itself. Developers and operators who obtain familiarity with Kubernetes will immediately notice and appreciate our concept and can contribute intuitively. The Gardener maintainers feel responsible to facilitate community members and contributors. Barriers will further be reduced by our ongoing landscaper and documentation efforts. This is why we are so confident on [Gardener adoption](../../../adopter/_index.md).

The Gardener team is gladly welcoming new community members, especially regarding adoption and contribution. Feel invited to try out your very own Gardener installation, join our [Slack workspace](https://gardener-cloud.slack.com/) or [community calls](https://github.com/gardener/documentation/blob/master/website/documentation/contribute/_index.md#bi-weekly-meetings). We’re looking forward to seeing you there!
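Review bot: The relative adopter link on the changed line stays tied to this post's directory depth, while the NeoNephos post touched in this same PR links the adopters page as `https://gardener.cloud/adopter`. From `website/blog/2021/02/` three levels up is `website/`, so `../../../adopter/_index.md` does reach `website/adopter/_index.md`, but it would be worth settling on one style for both posts so that a later restructuring of the blog folders cannot break the link again.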
5 changes: 3 additions & 2 deletions website/blog/2025/05/05-12-gardener-neonephos.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,15 +12,16 @@ tags:
- technical-deep-dive
- apeiro
---
The Kubernetes ecosystem is dynamic, offering a wealth of tools to manage the complexities of modern cloud-native applications. For enterprises seeking to provision and manage Kubernetes clusters efficiently, securely, and at scale, a robust and comprehensive solution is paramount. Gardener, born from years of managing tens of thousands of clusters efficiently across diverse platforms and in demanding environments, stands out as a fully open-source choice for delivering fully managed Kubernetes Clusters as a Service. It already empowers organizations like SAP, STACKIT, T-Systems, and others (see [adopters](https://gardener.cloud/adopter)) and has become a core technology for [NeoNephos](https://neonephos.org/projects), a project aimed at advancing digital autonomy in Europe (see [KubeCon London 2025 Keynote](https://www.youtube.com/watch?v=85MDID9Ju04&t=621s) and [press announcement](https://neonephos.org/press/2025/the-linux-foundation-announces-the-launch-of-neonephos-to-advance-digital-autonomy-in-europe/)).

The Kubernetes ecosystem is dynamic, offering a wealth of tools to manage the complexities of modern cloud-native applications. For enterprises seeking to provision and manage Kubernetes clusters efficiently, securely, and at scale, a robust and comprehensive solution is paramount. Gardener, born from years of managing tens of thousands of clusters efficiently across diverse platforms and in demanding environments, stands out as a fully open-source choice for delivering fully managed Kubernetes Clusters as a Service. It already empowers organizations like SAP, STACKIT, T-Systems, and others (see [adopters](https://gardener.cloud/adopter)) and has become a core technology for [NeoNephos](https://neonephos.org/projects), a project aimed at advancing digital autonomy in Europe (see [KubeCon London 2025 Keynote](https://www.youtube.com/watch?v=85MDID9Ju04&t=621s) and [press announcement](https://linuxfoundation.eu/newsroom/the-linux-foundation-announces-the-launch-of-neonephos-to-advance-digital-autonomy-in-europe)).

### The Gardener Approach: An Architecture Forged by Experience

At the heart of Gardener's architecture is the concept of "Kubeception" (see [readme](https://github.com/gardener/gardener?tab=readme-ov-file#gardener) and [architecture](https://github.com/gardener/gardener/blob/master/docs/concepts/architecture.md)). This approach involves using Kubernetes to manage Kubernetes. Gardener runs on a Kubernetes cluster (called a **runtime cluster**), facilitates access through a self-managed node-less Kubernetes cluster (the **garden cluster**), manages Kubernetes control planes as pods within other self-managed Kubernetes clusters that provide high scalability (called **seed clusters**), and ultimately provisions end-user Kubernetes clusters (called **shoot clusters**).

This multi-layered architecture isn't complexity for its own sake. Gardener's design and extensive feature set are the product of over eight years of continuous development and refinement, directly shaped by the high-scale, security-sensitive, and enterprise-grade requirements of its users. Experience has shown that such a sophisticated structure is key to addressing significant challenges in scalability, security, and operational manageability. For instance:

* **Scalability:** Gardener achieves considerable scalability through its use of **seed clusters**, which it also manages. This allows for the distribution of control planes, preventing bottlenecks. The design even envisions leveraging Gardener to host its own management components (as an [**autonomous cluster**](https://github.com/gardener/gardener/blob/master/docs/proposals/28-autonomous-shoot-clusters.md)), showcasing its resilience without risking circular dependencies.
* **Scalability:** Gardener achieves considerable scalability through its use of **seed clusters**, which it also manages. This allows for the distribution of control planes, preventing bottlenecks. The design even envisions leveraging Gardener to host its own management components (as an [**autonomous cluster**](https://github.com/gardener/enhancements/blob/main/geps/0028-self-hosted-shoot-clusters/README.md)), showcasing its resilience without risking circular dependencies.
* **Security:** A fundamental principle in Gardener is the strict isolation of control planes from data planes. This extends to Gardener itself, which runs in a dedicated management cluster but exposes its API to end-users through a workerless virtual cluster. This workerless cluster acts as an isolated access point, presenting no compute surface for potentially malicious pods, thereby significantly enhancing security.
* **API Power & User Experience:** Gardener utilizes the full capabilities of the Kubernetes API server. This enables advanced functionalities and sophisticated API change management. Crucially, for the end-user, interaction remains 100% Kubernetes-native. Users employ standard custom resources to instruct Gardener, meaning any tool, library, or language binding that supports Kubernetes CRDs inherently supports Gardener.
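Review bot: The Scalability bullet still labels the link **autonomous cluster** while the new target is `0028-self-hosted-shoot-clusters`, so the link text and the document it opens now use different names for the same concept. Either reword the bullet to match the GEP's current title or state that the post deliberately keeps the older term.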

Original file line number Diff line number Diff line change
Expand Up @@ -74,5 +74,5 @@ In-place node updates represent a significant step forward in Gardener's operati

To explore the technical details and contributions that made this feature possible, refer to the following resources:
* **Parent Issue for "[GEP-31] Support for In-Place Node Updates"**: [Issue #10219](https://github.com/gardener/gardener/issues/10219)
* **GEP-31: In-Place Node Updates of Shoot Clusters**: [GEP-31: In-Place Node Updates of Shoot Clusters](https://github.com/gardener/gardener/blob/master/docs/proposals/31-inplace-node-update.md)
* **GEP-31: In-Place Node Updates of Shoot Clusters**: [GEP-31: In-Place Node Updates of Shoot Clusters](https://github.com/gardener/enhancements/blob/main/geps/0031-inplace-node-updates/README.md)
* **Developer Talk Recording (starting at 39m37s)**: [Youtube](https://youtu.be/ZwurVm1IJ7o?t=2377)
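Review bot: The changed GEP-31 bullet repeats the same string as both its bold label and its link text ("GEP-31: In-Place Node Updates of Shoot Clusters"), unlike the sibling bullets, which use short link texts such as "Issue #10219" and "Youtube". Since the line is being edited anyway, shorten the link text, for example to "GEP-31".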
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,6 @@ These new `gardenadm` commands significantly simplify the expansion of autonomou

### Further Information

* **`gardenadm token` Pull Request:** [GEP-28](https://github.com/gardener/gardener/blob/master/docs/proposals/28-autonomous-shoot-clusters.md) `gardenadm token` ([#11934](https://github.com/gardener/gardener/pull/11934))
* **`gardenadm join` Pull Request:** [GEP-28](https://github.com/gardener/gardener/blob/master/docs/proposals/28-autonomous-shoot-clusters.md) `gardenadm join` ([#11942](https://github.com/gardener/gardener/pull/11942))
* **`gardenadm token` Pull Request:** [GEP-28](https://github.com/gardener/enhancements/blob/main/geps/0028-self-hosted-shoot-clusters/README.md) `gardenadm token` ([#11934](https://github.com/gardener/gardener/pull/11934))
* **`gardenadm join` Pull Request:** [GEP-28](https://github.com/gardener/enhancements/blob/main/geps/0028-self-hosted-shoot-clusters/README.md) `gardenadm join` ([#11942](https://github.com/gardener/gardener/pull/11942))
* **Recording of the demo:** Watch the demo starting at [12m48s](https://youtu.be/ssvXpPliOY0?t=768)
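Review bot: Both changed bullets are labelled "Pull Request", yet the first link in each opens the GEP-28 README and the actual pull request is only the parenthesised link at the end. Consider making the PR number the primary link and moving the GEP-28 reference into a bullet of its own, so the label matches what the reader lands on.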
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ The [PR #12260](https://github.com/gardener/gardener/pull/12260) is awaiting rev

Improving how users monitor and manage Gardener clusters was another key theme.

A significant step towards Gardener's [Observability 2.0 initiative](https://github.com/gardener/gardener/blob/master/docs/proposals/34-observability2.0-opentelemtry-operator-and-collectors.md) was made with the **OpenTelemetry Transport for `Shoot` Metrics** ([watch presentation](https://youtu.be/TCLXovw43HA?t=808s)).
A significant step towards Gardener's [Observability 2.0 initiative](https://github.com/gardener/enhancements/blob/main/geps/0034-observability2.0-opentelemetry/README.md) was made with the **OpenTelemetry Transport for `Shoot` Metrics** ([watch presentation](https://youtu.be/TCLXovw43HA?t=808s)).
The current method of collecting shoot metrics via the Kubernetes API server `/proxy` endpoint lacks fine-tuning capabilities.
The hackathon proved the viability of collecting and filtering shoot metrics via OpenTelemetry collector instances on shoots, transporting them to Prometheus OTLP ingestion endpoints on seeds. This allows for more flexible and modern metrics collection.
