diff --git a/configs/upgrades/onpremises/1.34.0-1.35.0/post-distribution.sh.tpl b/configs/upgrades/onpremises/1.34.0-1.35.0/post-distribution.sh.tpl
new file mode 100644
index 000000000..48a150304
--- /dev/null
+++ b/configs/upgrades/onpremises/1.34.0-1.35.0/post-distribution.sh.tpl
@@ -0,0 +1,20 @@
+#!/usr/bin/env sh
+
+set -e
+
+kubectlbin="{{ .paths.kubectl }}"
+
+{{- if .spec | digAny "kubernetes" "advanced" "kubeProxy" "enabled" true }}
+  {{- if eq .spec.distribution.modules.networking.type "calico" }}
+echo "Restarting daemonset/calico-node to apply nftables dataplane..."
+$kubectlbin rollout restart -n calico-system daemonset/calico-node
+$kubectlbin rollout status -n calico-system daemonset/calico-node --timeout=300s
+echo "calico-node restarted"
+  {{- end }}
+  {{- if eq .spec.distribution.modules.networking.type "cilium" }}
+echo "Restarting daemonset/cilium to apply kube-proxy mode change..."
+$kubectlbin rollout restart -n kube-system daemonset/cilium
+$kubectlbin rollout status -n kube-system daemonset/cilium --timeout=300s
+echo "Cilium restarted"
+  {{- end }}
+{{- end }}
diff --git a/configs/upgrades/onpremises/1.34.0-1.35.0/pre-kubernetes.sh.tpl b/configs/upgrades/onpremises/1.34.0-1.35.0/pre-kubernetes.sh.tpl
new file mode 100644
index 000000000..524755005
--- /dev/null
+++ b/configs/upgrades/onpremises/1.34.0-1.35.0/pre-kubernetes.sh.tpl
@@ -0,0 +1,47 @@
+#!/usr/bin/env sh
+
+set -eu
+
+kubectlbin="{{ .paths.kubectl }}"
+
+{{- if index .spec "kubernetes" }}
+
+
+{{- if .spec | digAny "kubernetes" "advanced" "kubeProxy" "enabled" true }}
+echo "Migrating kube-proxy from IPVS to nftables mode..."
+$kubectlbin get configmap -n kube-system kube-proxy -o json | \
+  sed 's/"mode": *"ipvs"/"mode": "nftables"/' | \
+  sed 's/mode: ipvs/mode: nftables/' | \
+  $kubectlbin apply --server-side -f -
+$kubectlbin rollout restart -n kube-system daemonset/kube-proxy
+$kubectlbin rollout status -n kube-system daemonset/kube-proxy --timeout=300s
+echo "kube-proxy migrated to nftables mode"
+{{- end }}
+
+
+{{- if index .spec.kubernetes "etcd" }}
+## etcd upgrades on dedicated nodes - only one at a time
+{{- range $h := .spec.kubernetes.etcd.hosts }}
+ansible-playbook 54.upgrade-etcd.yaml --limit "{{ $h.name }}" --become
+{{- end }}
+{{ else }}
+## etcd upgrades on control plane nodes - only one at a time
+{{- range $h := .spec.kubernetes.masters.hosts }}
+ansible-playbook 54.upgrade-etcd.yaml --limit "{{ $h.name }}" --become
+{{- end }}
+{{- end }}
+
+## master upgrades - only one at a time
+{{- range $h := .spec.kubernetes.masters.hosts }}
+ansible-playbook 55.upgrade-control-plane.yml --limit "{{ $h.name }}" --become
+{{- end }}
+
+{{- if ne .upgrade.skipNodesUpgrade true }}
+{{- range $n := .spec.kubernetes.nodes }}
+    {{- range $h := $n.hosts }}
+ansible-playbook 56.upgrade-worker-nodes.yml --limit "{{ $h.name }}"
+    {{- end }}
+{{- end }}
+{{- end }}
+
+{{- end }}