elbv2 multicert

[ccampo133]

• ignore "vmdk not found" vsphere errors during unmount (assume success)
• add kubectl fish shell completion
• subatomic: Creates the symlinks to user-visible files later
• migrate logs.
• Fix error path in file /verify-prerelease-lifecycle-tags.sh.
• fix kubectl alpha debug node does not work on tainted nodes
• use already defined variable
• fix typo in retry doc
• Updating OWNERS_ALIASES for SIG-Windows
• code-generator/register-gen: groupName can't use '// +groupName=somegroup ' to override
• Support dynamically set log level for kube-proxy
• test images: Adds cuda-vector-add-old image
• Omit redundant nil check in type assertion
• Add kubelet managed pod metrics
• Fix typo in gci/README.md
• cleanup: fix errors ending with punctuation in proxy
• Correctly drain timer
• update the usage doc of prerelease-lifecycle-gen
• use PermitWithoutStream=true for etcd: send pings even without active streams
• go-to-protobuf: small fixes to improve debuggability
• Issue 2683 was closed with PR 2690 sSimran should now be part of kubernetes ORG
• promote HugePageStorageMediumSize to GA
• e2e: test SSH port on NodeSSHHosts
• Make the service account error more apparent
• extract same code of es and esm to pkg
• Update the typo in values of pods in performance-config.yaml
• remove Factory that not used
• kubectl: show consistent unit format in quota describe
• Add benchmark for LabelSelectorAsSelector
• Improve slice allocation in LabelSelectorAsSelector
• Add build instruction for buildx CLI plugin
• Skip node container manager test on systemd
• test images: Adds windows-nanoserver image
• Fix RollingUpdateDaemonSet godoc regarding rounding
• nit: Update comment to match headers change.
• Added field-selector option for kubectl top pod
• add NoExecute toleration for konnectivity agent
• Fix misspelling and misgrammar
• e2e test: fix Pause in Deployment iterative rollouts
• e2e test: bump ProgressDeadlineSeconds in Deployment iterative rollouts
• Ensure node e2e apiserver and test suite can open enough files
• Migrate kube-proxy to use v1 Event API
• Add support for expanding local volumes
• Remove ManagedPod,ManagedContainer metrics
• Return StatusError 404 in fake client when resource is not found
• e2e: grab controller and scheduler metrics via port forwarding
• e2e metrics: check whether debug handlers are available
• e2e metrics: skip tests when metrics grabbing is disabled
• e2e metrics: remove redundant checks around metrics tests
• Ensure images are pulled after eviction tests
• remove windows service not used global variable
• tests: Spawn poststart / prestop pods on the same node as the http pod
• apf: calculation of dR/dt should use seats in use
• remove not used IsStaticPod, prevent possible panic
• Update github.com/pkg/errors to go native errors pkg
• GCE Windows: Set TCP/IP parameters to keep idle connections alive on GCE.
• Removed usage of github.com/pkg/errors
• Increase pressure timout on DiskPressure test
• add containers starttime metrics for metrics/resource endpoint
• kubelet: add shutdown events
• Allow the actual inhibit delay to be greater than the expected inhibit delay
• Upgrade etcd to 3.5.0
• images: Removes OS Version workaround for manifest list images
• tests: Wait for the network connectivity first
• Allow securityContext in EphemeralContainers
• Generated code for securityContext in EphemeralContainers
• Apply PSP container tests to EphemeralContainers
• Add distributed tracing to the etcd client
• cleanup: fix errors in wrapped format and log capitalization in proxy
• Promote Stateful Status e2e test to Conformance
• ResourceConfigForPod: check initContainers as other QoS func
• fix typo for daemon_controller_test.go
• promote client.authentication.k8s.io to v1
• Kubelet Credential Provider
• add tracing to the apiserver's client-go requests
• e2e: increase readiness gate timeout
• Fix Data Race in nodeshutdown restart
• test/integration: rename package and files name from master to controlplane in test/integration
• Update github.com/pkg/errors with go native errors pkg
• Add NodeSwapEnabled feature flag
• Update local-up-cluster.sh swap warning
• API change: add MemorySwap to KubeletConfiguration
• Update CRI with memory_swap_limit_in_bytes
• Add validation for KubeletConfig MemorySwap
• Set MemorySwapLimitInBytes for CRI when NodeSwapEnabled
• Rename NoSwap to LimitedSwap as workloads may still swap
• Add generated files for swap API changes
• Ensure MemorySwapConfig can't be set without feature flag
• Shorten test time
• Error should be checked first, then go to other steps.
• Extent the NodeResourcesBalancedAllocation plugin to cover more resources
• Kubeproxy uses V1 EndpointSlice
• Prioritizing nodes based on volume capacity: API changes
• make sure to split NPD hashes by architecture when upgrading to 0.8.9
• Retry hostname->IP: [Errno -2] Name or service not known
• move tracing instantiation further up, and check for nil
• [PodSecurity] baseline - apparmor Implement the "AppArmor" check from https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
• PodSecurity: baseline hostProcess check
• hostProcess test fixture data
• remove webhook.go to revert changes to conformance test
• kubeadm: introduce apis/bootstraptoken/v1
• kubeadm: use the bootstraptoken/v1 API across the code base
• kubeadm: remove versioned copies of the bootstrap token API and utils
• kubeadm: update v1beta3's godoc changelog
• podsecurity: add restricted volume type check
• Manually update kustomize attachment points.
• Upgrade kustomize-in-kubectl to v4.2.0
• Fix doc comment
• Add an IPFamily() method to ipallocator
• Fix typo in IP allocator error
• Remove bad test for AllocateLoadBalancerNodePorts
• Service REST test: remove unused fields
• Service REST test: always check errors
• Service REST test: Use helper funcs to streamline
• Service REST test: helper funcs for ports, too
• Move service test-helper funcs to a package
• Service REST test: Remove pointless scaffolding
• Service REST test: mostly remove tests of "inner"
• Service REST test: remove last use of "inner"
• Move endpoints test-helper funcs to a package
• Service REST test: remove obsolete setup param
• Service REST test: remove pointless scaffolding
• Service REST test: remove unused return value
• Service REST test: remove obscure const
• add deprecated message for igonre-errors flag, and fix unsafety http link
• csr: add expirationSeconds field to control cert lifetime
• Generated
• csr: update e2e conformance test with expirationSeconds usage
• Service REST test: better IP and port alloc checks
• Service REST test: Fix some names
• Service REST test: Remove pointless cleanup
• cluster: enable debug handlers on GCE master nodes
• add RetryOnConflict to pod status updates
• rename terminationSignals to lifecycleSignals
• remove logging from the Signal method
• dry-run can work when using an external ca
• Warn user for runtime support of debug targeting
• readyz signals when the handler succeeds for the first time.
• adds HasBeenReady signal that fires when the readyz endpoint succeeds
• Make cpu request of kube proxy configurable by env variable.
• change tracing service from kube-apiserver to apiserver
• fix azure disk translation issue
• Use system-validators v1.5.0
• promote ServiceLBNodePortControl to beta
• Update the related tests
• Add tests for LB type service
• Fix the beta release version.
• Add integration test for LB node port control
• deprecate and disable by default DynamicKubeletConfig feature flag
• implement EnqueueExtensions interface in volumebinding
• Update kernel components to run as non-root in kubeadm.
• remove stack trace log when sorting with a bad unsortable field
• cluster,hack: Use community infra GCS bucket for retrieving CI builds
• Added unit tests for ExpandPathsToFileVisitors
• feature gate
• Combine capability check implementations
• Pass FsGroup to NodePublishVolume
• Pass FsGroup to MountDevice
• Pass FsGroup to NodeStageVolume
• Moved VOLUME_MOUNT_GROUP capability check from NodeStageVolume to MountDevice; added log message in SetupAt to indicate FSGroup is delegated to driver
• re-order the imports in kubeadm
• cleanup: Removes GcrRelease and SampleRegistry from manifest.go
• fix: return empty VMAS name if using standalone VM
• kubeadm: fix nil pointer in Cfg() feature gate checking
• Bump distroless/base image to latest version
• merge packages of scheduler/core and scheduler
• refactored extenders from scheduler/core to scheduler
• fix compatibiltiy test
• reduce cpu usage of kube-proxy with iptables mode
• fix compatibiltiy_test failures
• Fix resource metrics e2e test
• Readable error message on the plugin configs of the removed plugins
• Revert "Update runc to 1.0.0"
• kubeadm: fix godoc formatting for v1beta3
• memory manager: re-use the memory allocated for init containers
• memory manager: remove init containers once app container started
• memory manager: provide unittests for init containers re-use
• kubeadm: statically default ImagePullPolicy in v1beta3
• Add backwards compatibility for kubectl debug
• fix update-translations.sh
• update-translations.sh: add fix translations option (-k)
• update translations
• Switch to the version instead of the latest
• apiserver: add callback to get notified of object count
• update url
• Fix(test/integration/util): fix typo on logging message
• test/integration/quota: deflake TestQuotaLimitService by collapsing test cases and adding a short delay for resource quota to propagate
• test/integration/quota: update TestQuotaLimitService to explicitly check for Forbidden status when quota limit is exceeded
• test/integration/quota: refactor Service forbidden check into helper function
• test/integration/quota: poll for ResourceQuota used status in TestQuotaLimitService
• Add verbose logs for node/plugin scores when scheduling
• Hide long and multiline strings when printing
• Promote the ServiceInternalTrafficPolicy field to Beta and on by default (Promote the ServiceInternalTrafficPolicy field to Beta and on by default kubernetes/kubernetes#103462)
• test/e2e/network: add Service internalTrafficPolicy test pod to pod
• test/e2e/network: add Service internalTrafficPolicy test pod (w/ host network) -> pod
• test/e2e/network: add Service internalTrafficPolicy test for pod -> pod (w/ host network)
• test/e2e/network: add Service internalTrafficPolicy test for pod (w/ host network) -> pod (w/ host network)
• exec credential provider: update tests+metadata for v1
• apf: add additional latency into width
• Promote LogarithmicScaleDown to beta
• Don't return in api validation
• add yaml separator validation and avoid silent ignoration
• Custom plugin config should take precedence over default plugin config
• PodSecurity: Make check-specific passing fixtures optional
• PodSecurity: clean up unnecessary passing fixtures
• This introduces an Impersonate-Uid header to server side code.
• instantiates scheduler ComponentConfig after parsing feature gates
• Update the logic to pick the best queue in P&F
• Fix pkg/api/pod/util tests to ensure feature gate is set
• Keep pod worker running until pod is truly complete
• Explicitly set LimitedSwap case with fallthrough
• Deprecate azure and gcp in-tree auth plugins
• Move pod-security-admission to an external Attributes interface
• sort and filter exposed Pod IPs
• Fix small bug with AllocateLoadBalancerNodePorts
• Clean up testing of AllocateLoadBalancerNodePorts
• Add DataSourceRef field to PVC spec
• Update API documents
• Regenerate
• Add validation for Prober TerminationGracePeriodSeconds
• Add test for validateProbe
• fix delete nil pointer panic
• [Pod Security] Baseline + restricted policy checks for seccomp ([Pod Security] Baseline + restricted policy checks for seccomp kubernetes/kubernetes#103341)
• New feature gate: KubeletInUserNamespace
• kubelet/cm: ignore sysctl error when running in userns
• kube-proxy: allow running in userns
• kubelet: ignore /dev/kmsg error when running in userns
• Refinements to pick queue logic in P&F
• Clean up the remaining master names in test/integration
• deprecate unused option deployment-controller-sync-period for deployment controller
• Avoid code duplication in watchcache
• Add watch tracker to APF for request cost estimation
• Minor adjustments to descriptions and example text
• Bump version of Addon Resizer used by Metrics Server
• Implement check_dropAllCapabilities.go and test/fixtures_dropAllCapabilities.go
• [disruptioncontroller] Don't error for unmanaged pods
• client-go: copying object to fix data race (client-go: fixture data race kubernetes/kubernetes#103148)
• Update dropCapabilities check/fixtures
• Rename to capabilities_restricted
• Update generated files
• Refactor of TestValidateIngressClass and TestValidateIngressClassUpdate methods by adding Boilerplate in helper functions #FIXES: 99005
• fix translations location in update-translations.sh
• copy podStatus.ContainerStatuses before sorting it
• update translations
• add test for triggering race condition
• apf: fix bootstrap ensurer log message
• Truncate endpoints over a 1000 addresses
• sched: provide an option for plugin developers to move pods to activeQ
• PodSecurity: use code/reason/details from admission library
• Graduate EndpointSliceProxying and WindowsEndpointSliceProxying Gates
• kubeadm: statically default the "from cluster" InitConfiguration
• Service: Fix semantics for Update wrt allocations
• feature: support Memory QoS for cgroups v2
• podsecurity: added ValidatePodSecurityConfiguration
• fix CleanScope so we can resolve correct verb for apiserver_request_terminations_total
• update to new k8s.io/utils
• switch from golang-lru to the one in k8s.io/utils
• update vendor after switch
• Fix dbus config path for GracefulNodeShutdown e2e
• Restore ability to print long strings
• PodSecurity: add message helper
• PodSecurity: allowPrivilegeEscalation: cleanup
• PodSecurity: allowPrivilegeEscalation: regenerate files
• PodSecurity: appArmorProfile: cleanup
• PodSecurity: baseline capabilities: cleanup
• PodSecurity: baseline capabilities: regenerate files
• PodSecurity: restricted capabilities: cleanup
• PodSecurity: restricted capabilities: regenerate files
• PodSecurity: hostNamespaces: cleanup
• PodSecurity: hostPathVolumes: cleanup
• PodSecurity: hostPathVolumes: regenerate files
• PodSecurity: hostPorts: cleanup
• PodSecurity: windowsHostProcess: cleanup
• PodSecurity: windowsHostProcess: regenerate files
• PodSecurity: privileged: cleanup
• PodSecurity: procMount: cleanup
• PodSecurity: restrictedVolumes: cleanup
• PodSecurity: restrictedVolumes: regenerate files
• PodSecurity: runAsNonRoot: cleanup
• PodSecurity: runAsNonRoot: regenerate files
• PodSecurity: seccompProfile_restricted: cleanup
• PodSecurity: seccompProfile_restricted: regenerate files
• PodSecurity: seccompProfile_baseline: cleanup
• PodSecurity: seccompProfile_baseline: regenerate files
• PodSecurity: sysctls: cleanup
• PodSecurity: seLinuxOptions: cleanup
• PodSecurity: seLinuxOptions: regenerate files
• PodSecurity: Drop field path from container visitor
• limit warnings to requests that would otherwise succeed, reformat warning message
• Use cmp.Diff() replace reflect and diagnosis
• Don't set sysctl net.ipv4.vs.conn_reuse_mode for kernels >=5.9
• fix kubelet panic when DynamicKubeletConfig enabled
• update license gathering script for forked code
• CHANGELOG: Update directory for v1.22.0-beta.1 release
• Simplify use of the fake dynamic client
• Add Job.status.uncountedPodUIDs
• kubectl: update set command description to include cronjob resource (kubectl: update set command description to include cronjob resource kubernetes/kubernetes#102503)
• update the help text of KubeletConfig following the DynamicKubletConfig feature deprecation
• CRI: add fields for pod level stats to satisfy the /stats/summary API
• kubelet: update remote runtimes for cri stat changes
• Track Job Pods completion in status
• Explicitly skip host file mounting for windows
• Only use dualstack if the node and config supports it
• Revert "apiserver: add callback to get notified of object count"
• prevent mutation of deletion options during delete collection
• smtalign: add cpu-manager-policy-options flag in Kubelet
• smtalign: add auto generated code
• smtalign: propagate policy options to cpumanager
• smtalign: cm: factor out admission response
• smtalign: propagate policy options to policies
• smtalign: e2e: add tests
• promote EndpointSliceTerminatingCondition to Beta
• test/intergration/endpointslice: add tests for endpointslice terminating condition
• Mark volume mount as uncertain in case of volume expansion fails
• [PodSecurity] Add test coverage for pod-template-containing objects
• Fix the code is leaking the defaulting between unrelated pod instances
• update test for feature gate
• add ControllerManagerLeaderMigration as beta
• promote ControllerManagerLeaderMigration to beta.
• create LeaderMigrationConfiguration v1beta1
• Promote ingressclass.kubernetes.io/is-default-class annotation to networking/v1
• Fix index out of range if multiple default plugins are overridden
• Revert 103327: "kube-scheduler: ensure the default config output of --write-to-config is usable"
• apf: fix virtual clock
• integration test: provide a timeout for /health
• add tracing to webhook requests
• PodSecurity: make integration tests run sparsely
• Make khenidak a sig-net approver
• Rename NodeSwapEnabled flag to NodeSwap
• test/integration/endpoints: add a test to ensure Endpoints does not include terminating pods
• test/integration/endpoints: improve docs for TestEndpointWithTerminatingPod
• Add structured logging for more steps
• PodSecurity: Initial webhook implementation
• Modify the wrong comment for controller_util.go
• Drop direct dependency on gotest.tools
• fix exec failure for gomock finish calling
• upgrade github.com/prometheus/common to v0.28.0
• upgrade google.golang.org/api to v0.45.0
• Revert "use PermitWithoutStream=true for etcd: send pings even without active stream"
• Set EC2 instance cache max age to 10 mins
• test/integration/endpoints: check for pod existencen in TestEndpointWithTerminatingPod
• seems to work, needs tests and a lot of cleanup
• fix test failures in legacy cloud provider: add 'projects/' after upgrade
• Add sync reconstructed volume from desired state of world for volumemanager
• client-go/tools: update events version in doc
• e2e: fix NFS options test for IPv6
• Rename width to workEstimate in P&F code
• Get rid of unused flowSchemaRVs in P&F
• [go1.16] Update to go1.16.6
• Drop end of sunrpc port range to avoid port conflicts.
• Move feature flag to beta (but leave as false) and remove the feature flag from Kubelet
• Update API description for probe.terminationGracePeriodSeconds
• kubelet: Prevent runtime-only pods from going into terminated phase
• review comments
• missed a paren
• fix existing unit tests
• add happy path tests for two types of imports
• Revert granting EndpointSlice write access to edit role
• Remove Endpoints write access from aggregated edit role
• Remove ServiceAccountIssuerDiscovery feature gate
• update golangci-lint to newer version
• fix deadcode issues
• fix ineffassign and varcheck
• enable verify-golangci-lint.sh
• Revert counting deleted pods as failures for Job
• client-go exec: fix metrics related to plugin not found
• Add integration tests for updating Job parallelism
• CHANGELOG: Update directory for v1.22.0-beta.2 release
• try to fix the in_tree_volumes cases: refactor the projectBasePath logic
• tests for path resolver, add KUBE_ROOT to both top level func calls
• Make --configure-cloud-routes configurable in local-up-cluster
• Flake [flaky test]: [sig-node] Probing container should be ready immediately after startupProbe succeeds kubernetes/kubernetes#99979 increase delay for ready state propagation
• device-plugins: replace gcr.io/gke-release to use the community registry
• tests: Updates cuda-vector-add:1.0 image to the promoted registry
• Remove E2E test for NodePreferAvoidPods scheduling Score
• CHANGELOG: Update directory for v1.19.13 release
• CHANGELOG: Update directory for v1.20.9 release
• CHANGELOG: Update directory for v1.21.3 release
• Revert "Add StatefulSetAutoDeletePVC feature gate"
• Revert "statefulset PersistentVolumeClaimDeletePolicy api change"
• update comment with EnqueueExtensions
• Solved the test problem and added update comment
• Set out.TargetCPUUtilizationPercentage correctly when converting autoscaling_HorizontalPodAutoscalerSpec to v1_HorizontalPodAutoscalerSpec
• add apiserver tracing integration test, and fix endpoint validation
• Fix panic in master upgrade tests
• Optimize APF support for watch initialization to fix the pod startup time regression.
• Add additional APF test for handling other panic types
• Revert "tests for statefulset PersistentVolumeClaimDeletePolicy api change"
• vendor: bump runc to 1.0.1
• kubelet/cm: don't set Devices
• fix AsApproximateFloat64() for BinarySI
• Pass unknown labels in allowedTopologies during CSI translation
• Fix typo in comment in endpoints_controller
• add deprecation for Azure Disk Kind in csi migration
• Using full url format as runtime endpoint
• e2e: remove runKubernetesServiceTestContainer
• e2e: remove unused sync.WaitGroup
• update cos 85 version to latest.
• remove superfluous [Feature:SCTP] tag in some test names
• TODO comment should have been removed with More small refactors for v1beta3 -> internal kubernetes/kubernetes#2912, the restartCount docs wasn't updated as part of Kubelet: persist restart count of a container kubernetes/kubernetes#6794.
• e2e: update makefile example for building images
• kubelet: Preserve reason/message when phase changes
• kubelet: Avoid allocating multiple times during status
• kubelet: Make condition processing in one spot
• Add konnectivity agent to log dump
• optimize the code
• Ignore 'wait: no child processes' error when calling mount/umount
• testing patches. add k8s.io/staging, remove local home
• Provide reference to impersonation options for kubectl auth can-i command.
• fix typo scheduling queue to active queue
• Using ServiceIPs instead of DNS names in the NetworkPolicy Probes + adding Interface decoupling (Using ServiceIPs instead of DNS names in the NetworkPolicy Probes + adding Interface decoupling kubernetes/kubernetes#102354)
• feat: Provide IPv6 support for internal load balancer
• setting the status to fix on the known issue
• Add: specify that reason is a field to record the reason why failed
• decouple timeBudget from real clock
• migrate cmd/kube-proxy/app logs to structured logging
• refactor: normalizing URL string locally and move out from purell package
• Deprecate apiserver_longrunning_guage and apiserver_registered_watchers
• CHANGELOG: Update directory for v1.22.0-rc.0 release
• kubeadm: update references to legacy artifacts locations
• test: e2e: HPA ContainerResource
• Fix windows storage tests
• Fix SIG Node SSH e2e test
• Make CSR cleaner tolerate objects with invalid status.certificate
• Make crictl tests host local
• k8s.io/code-generator: Enable generate-* scripts usage as module deps
• Fetch metrics from controller manager & scheduler no run once
• cluster: fix CI metrics-server deployment
• bump metrics-server to 0.5.0
• Fix a typo in comment
• disable aufs module
• Use pointer gomega comparison for UsageNanoCores
• Update doc description for --audit-log-maxbackup
• staging/publishing: add release-1.22 rules
• add new metric
• Changed flag name underscore warning to avoid recommending potentially invalid flag name
• Update Containerd version - GCE Windows
• k8s.io/code-generator: Change BoilerplatePath() to locate file or require explicit flag
• Remove conformance status from a sysctl test and relabel
• Replace 'x.Sub(time.Now())' with 'time.Until(x)'
• Improve storage test skipping pattern.
• Fix incorrect comments in scheduler_queue.go
• Overlaid OS's environment variables with the ones specified in the CredentialProviderConfig
• Add e2e testing manifest bundle to e2e_node test suite
• Fix a typo in comment
• Do not try to create an audit log file named "-"
• Move cluster/images/conformance to test/conformance/image
• Update references to test/conformance/image
• Mark "update Node.Spec.ConfigSource" node e2es as slow
• Update to using apiserver-network-proxy v1.22
• Remove wrong comment
• add --concurrent-ephemeralvolume-syncs flag for kube-controller-manager
• Fix NPE in test/e2e/framework/providers/azure
• cleanup description on deprecated include-uninitialized flag
• Fix wrong log
• fix data race for Test_Run_Positive_VolumeMountControllerAttachEnabledRace
• client-go/events: avoid referencing a nil related object
• Allow customizing spam filtering in event client library
• refactored master to controlplane
• kubectl: Add labels to ingress describe
• Allow non-subsetting ILBs to update when the feature is enabled.
• Initial UnstructuredExtract without caching
• Write TestUnstructuredExtract
• Manually set GVK in extract, add commentary to extractor
• basic caching working
• Add HasOpenAPISchemaChanged to DiscoveryInterface
• rename cache, add to integration test
• remove test script
• comments
• Restructure caching logic
• Address PR feedback around gvk parser generation ergonomics
• remove commented out code
• Revert caching in favor of simple ttl
• simplify test to only test the new logic of extractUnstructured
• wrap extractor errors
• sched: support HistogramVec in scheduler performance test
• client-go: deltaFIFO trace slow handlers
• staging/publishing: fix rules for legacy-cloud-providers for 1.22
• Fix disruptive subPath test failures
• Set idle and readheader timeouts
• Start the informerFactory in the ControllerContext
• Fix kubectl version unit test
• remove apiserver impor from client-go
• fix extract_test
• fix vendor
• fix boilerplate and staticcheck
• Fixes (temporarily) curl piped to shell security vulnerability
• Add kube-openapi to client-go import restrictions
• Added support for multiple --from-env flags
• update node-problem-detector v0.8.9
• add kube-openapi/pkg/schemaconv to kubeadm import-restrictions
• minor cleanups
• Update e2e test images url
• Refactor the structure nodeScoreHeap
• test images: Adds image labels by default
• Remove unused promise code from APF
• Bump DynamicKubeConfig metric deprecation to 1.23
• Mark failing node serial tests as flaky
• fixing scripts from https://github.com/google/protobuf/releases to https://github.com/protocolbuffers/protobuf/releases
• Add release note block to cherry-pick script
• Update component-base OWNERS to include SIG-Architecture
• hack/verify fixes
• Fix: ignore not a VMSS error for VMAS nodes in reconcileBackendPools
• apiserver: avoid repeated loading context for requestInfo in Namer.Name
• update protobuf github url
• Simplify APF promise to what is really used in the code
• fix error variable name
• delete stale UDP conntrack entries for loadbalancer IPs
• Update golang.org/x/time/rate (Update golang.org/x/time/rate kubernetes/kubernetes#104014)
• Revert "Add a namespace label to admission metrics and expand histogram range to 0-10s"
• e2e node server: fix crash in log line
• Log e2e-node kubelet output directly to file
• fix: 81134: display conflicted taint without a json representation.
• [k8s.io/kubectl/pkg/drain/drain]: minor typo fixup
• replace e2e WaitForPodsReady by WaitTimeoutForPodReadyInNamespace
• kubeadm: remove deprecated --experimental-patches
• kubeadm: disallow the mixture of --config and --patches
• Remove stray DNS port references in NetPol tests
• revert Bump DynamicKubeConfig metric deprecation to 1.23 by delta update
• Explicitly restart kubelet to stabilize serial-containerd job
• Remove AUFSUmountHung from NPD test
• Add pod context to volume lifecycle logs
• Fix zone calculation - consider only untainted nodes
• Skip NVidia GPU test in node e2e CI jobs for containerd and other runtimes
• Add ehashman to node e2e test approvers
• remove GAed feature gates sysctls
• add clusterIP allocator metrics
• Use docker buildx for etcd image
• retry apiserver errors on e2e service tests
• set showHiddenMetricsForVersion=1.22 in dynamicKubeletConfiguration test
• CHANGELOG: Update directory for v1.22.0 release
• Update configure-helper.sh
• add a keepalive time to the konnectivity server
• Update configure-helper.sh
• Update configure-helper.sh
• check APIStatus.Code in Is* family of functions
• Log kube-env variables from startup script
• [jobs][registry]: Warn if no propagationpolicy set
• Replace usage of Whitelist with Allowlist within Kubelet's sysctl package (Replace usage of Whitelist with Allowlist within Kubelet's sysctl package kubernetes/kubernetes#102298)
• add integration test for apiserver hsts
• Remove EXTRA from log messages
• Remove duplicate dependencies from 1.22 changelog
• Clarify ready (Clarify ready kubernetes/kubernetes#103782)
• Add the pod field to all volumeToMount info level logs
• Skip node e2e test for recovering from ip leak with docker
• refactor(kubeadm): remove the flag --port from KCM manifest
• apiserver: add callback to get notified of object count
• Introduce event clocks based on k8s.io/utils/clock
• Fix metrics reporting for the deprecated watch path
• Allow override of CGO_ENABLED=0
• Remove the StartupProbe feature gate
• Correct comment related to HugePageStorageMediumSize feature gate
• Add feature gate to disable in-tree credential providers
• Remove kubectl book
• Improve dynamic cert file change detection
• Add a new webhook metric tracking request totals.
• fix unsafe json construction for digestConfigObjects.
• kubeadm: Reduce the backoff time of AddMember for etcd
• Propose myself as a reviewer for cluster/gce/gci
• Add SergeyKanzhelev to node e2e test approvers
• apf: use EventClock rather than a PassiveClock for queueset
• Allow a custom kube-cross image + tag to be specified
• Avoid spurious calls to update/delete validation
• make notes more easily to understand
• apimachinery: remove unused ignoredConversions map and nameFunc in converter.
• apf: estimate list width
• [go1.16] Update to go1.16.7
• Revert "revert Bump DynamicKubeConfig metric deprecation to 1.23 by delta update"
• Add ibabou to gce/windows OWNERS file
• TAG used when building pause is configurable
• Add e2e for local volume expansion
• Update debian-base image to buster-v1.9.0
• Update debian-iptables image to buster-v1.6.6
• Update setcap image to buster-v2.0.4
• sched: retry unschedule pods immediately after a waiting pod's deletion
• Some cleanup of the package for event clocks
• Fixes flaky GKE kubectl test
• remove unnecessary waits from watch conformance test
• staging/publishing: Set go1.15 version to go1.15.15
• cpu manager: do not clean admitted pods from the state
• memory manager: do not clean admitted pods from the state
• device manager: do not clean admitted pods from the state
• Add getOSInfo err info
• unify worker num to workers
• Remove AllowInsecureBackendProxy feature gate
• e2e test: lock-file and exit-on-lock-contention
• Increase debug logging in waitGroupCounter::Add
• bandwith --> bandwidth
• add 'projects/' suffix if this library is used with an older version of the google api library
• pin-dependencies.sh: support switching repos
• Drop beta REST APIs removed in 1.22
• Fixes 104067; Explicitly states Docker CLI plugin buildx required for building using Docker
• Drop legacy validation logic for admission registration
• Drop legacy validation logic for certificates API
• Drop legacy validation logic for networking API
• Drop legacy status logic for volumeattachments API
• kubeadm: dynamically populate the current/minimum k8s versions
• kubeadm: update unit tests to support dynamic version updates
• Drop legacy validation logic for CRD API
• Drop DefaultGarbageCollectionPolicy checks for legacy apps REST API versions
• Regenerate openapi
• Pass additional flags to subpath mount to avoid flakes in certain conditions
• Add missing interface method in mount_unsupported.go
• Update the unit tests to handle mountFlags
• Typo in a comment.
• remove listx from OWNERS_ALIASES
• fix indentation
• kubelet: fix sandbox creation error suppression when pods are quickly deleted
• Add 1.22 API test data
• Remove 1.20.0 API test data
• Refactor goroutine counting
• support kubeadm join dry-run
• Warn if docker buildx is not available
• apiserver: rename test variables
• apiserver: add a new mode for graceful termination
• Fix documented version for DisableKubeletCloudCredentialProviders feature gate
• Copy golang license to staging copies
• apiserver: refactor WithRetryAfter server filter
• Keep MakeMountArgSensitive and add a new signature that receives flags
• revert test STABLE declaration
• Refactor defaultpreemption for out-of-tree plugins
• fix single pointer variable
• set umask on linux and darwin when testing kubeadm copycerts
• Update obsolete link in the Conformance Test doc
• Update version of Cluster Autoscaler to 1.22.0
• add aojea to test OWNERS
• test images: Simplifies the agnhost binary version
• test images: Adds sync.exe to Windows agnhost images
• test images: Removes Windows 1903 and 1909 images
• CSIDriver: allow "StorageCapacity" to be modified
• generated swagger docs
• Revert "E2E test for kubelet exit-on-lock-contention"
• CHANGELOG: Update directory for v1.19.14 release
• CHANGELOG: Update directory for v1.20.10 release
• CHANGELOG: Update directory for v1.21.4 release
• reduce the number of containers created by 66%
• legacy-cloud-providers: aws: Add support for consuming web identity credentials
• Fix build with multiple GOFLAGS
• Extract containerID from systemd-style cgroupPath in cri_stats_provider And fix test to generate UUID without dash
• code cleanup:fix spelling mistake in CHANGELOG-1.22
• Update golang used in etcd image to 1.16.7
• Increase time to wait for nodes to become unready
• apf: free seats in use after additional latency
• Add unit tests for local volume expansion
• update instrumentation reviewers
• kubeadm: further improve the dynamic version population
• send retry-after until ready
• reducing the number of containers created based on the ports used
• Add termination hook to the startup script - GCE Windows
• rename audit Checker interface
• updating co-chairs
• Remove "pkg/controller/volume/scheduling" dependency from "pkg/scheduler/framework/plugins"
• Fix extra latency and add tests for that and width
• Fix typo in CHANGELOG-1.22.md
• Fix insufficient privileges to bind to port
• Convert some emitted events to logs.
• bump gengo to include defaulter-gen package support
• Change defaulter-gen input to package path
• Add non-vendor version ldflags
• Fix storage class setup in regional_pd.go
• Remove unused NewContiguousAllocationMap
• Allocator renames for clarity
• Add unit tests for validateStructuralInvariants
• fix typo of rate limiter
• image: Change http to https
• fix: ensure InstanceShutdownByProviderID return false for creating Azure VMs
• fix: skip case sensitivity when checking Azure NSG rules
• Mention seccomp annotation removal in v1.25
• test images: Use PULL_BASE_SHA for non-git image building
• Add name and namespace to structuredmerge errors
• SCTP tests run only on 2 nodes
• Fix use variables in the loop in vsphere_util
• [volumeScheduling/metrics] Fix buckets initialization
• Bump k8s.io/kube-openapi
• re-order imports for kubeadm
• Update unit tests to handle go1.17 certificate parsing error messages
• Fix allowed imports for kube-openapi
• Regenerate applyconfigurations
• Update kubectl GitHub support issue template
• Upgrade the default csi-proxy version installed by kube-up.sh
• Update cri-tools to v1.22.0
• hostNetwork tests can't share the same port
• add tkashem as a reviewer of apiserver
• Fix slice type comparison bug
• Lower requests b/c multiple containers will leave pending pods
• Added Windows Server 2022
• Update cobra to v1.2.1
• Added Windows Server 2022 tag to all OS versions
• Remove pkg/utils/slice from kube-proxy
• Update-vendor to add k8s.io/utils/strings/slices/
• test images: Adds Windows Server 2022 to the BASEIMAGEs
• CHANGELOG: Update directory for v1.23.0-alpha.1 release
• kubectl proxy: append context host path to request path
• CHANGELOG: Update directory for v1.22.1 release
• Bump livenessprobe to 2.4.0 in e2e hostpath driver spec
• vendor: bump k8s.io/util to get fix for LRU cache
• Enable http2 health checking with go 1.16.5
• update and verify netparse
• rename net.ParseCIDR on messages to avoid false positives
• run hack/update-netparse-cve.sh
• allow k8s.io/utils/net imports
• update vendor
• code-generator: remove bounding-dirs flag of the deepcopy-gen in the script
• Fix comparison between FQDN and hostname
• bump e2e loadbalancer timeouts to 15m
• [queue] Implement ShutDownWithDrain allowing the queue to drain when shutting down
• apiserver: add key/value pair to httplog
• api: Promote statefulset MinReadySeconds to beta
• sts: Promote minReadySeconds
• testdata: STS minReadySeconds beta
• Adds CancelRequest function to CommandHeadersRoundTripper
• Fix buffered signal channel go vet error
• fix 104329: check for headless before trying to release the ClusterIPs
• integration test
• test images: Adds Windows Server 2022 to the BASEIMAGEs (part 2)
• add backticks to comments containing < or >
• Fix: return error instead of os.Exit when something goes wrong
• Fix: not change the error messages
• Service REST: Use DeepCopy() on Create() and fix tests
• Fix registry tests to look at result objects
• REST: Document mutable inputs on Create()
• Fix: set SilenceErrors and SilenceUsage not to change error message
• Add the metric data for different extension points
• fix typo: Modify PodTrackingWithFinalizers to JobTrackingWithFinalizers
• [scheduler] Remove deprecated volumeSchedulingLatency metric
• Ensure serviceaccount admission produces v1 Pod matching defaults after round-trip
• create common interface for controllers.
• vendor: bump runc to 1.0.2
• pkg/kubelet/cm: use SkipFreezeOnSet
• Added support for multiple --from-env flags
• Allow custom client names to be used for cloud controllers
• Clean up: delete NumUnschedulablePods because it's no longer in use
• Add APF's priorityLevel to httplog.go
• test images: retrigger busybox image building
• fix typo CRED to CRUD
• test images: Trigger the windows-servercore-cache image job
• dependencies.yaml: Alpha-sort reference paths
• [go1.17] Update to go1.17
• dependencies.yaml: Track Golang version for upstream etcd releases
• [go1.17] Bump golang.org/x/... dependencies
• generated: Run hack/lint-dependencies.sh and hack/update-vendor.sh
• generated: Run hack/update-gofmt.sh
• hack/boilerplate: Tolerate new build tag format (//go:build)
• sched: remove unneeded json tags in unversioned API objs
• Added support for setting controler-manager log level online
• fix detach disk issue on deleting node
• fix: ignore the case when updating tags
• kubelet: Admission must exclude completed pods and avoid races
• Remove Error Message Check Dynamic PV Tests
• FIX: just add a missing word in output
• OWNERS: Dan Mangum is now Emeritus
• OWNERS(releng): Add Jeremy Rickard
• OWNERS(releng): Tidy approver/reviewer descriptions
• OWNERS(build-image): Add previous RelEng reviewers to approvers
• build/OWNERS: Add Release Engineering as reviewers
• use common controller interface in KCM.
• use common controller interface in CCM.
• add vendor for k/cm/controller.
• CHANGELOG/OWNERS: Use RelEng aliases for approvals
• set AllowLongNodeID to true by default since 1.23
• Adds the PowerShell completion generation (Adds the PowerShell completion generation kubernetes/kubernetes#103758)
• Don't prematurely close reflectors in case of slow initialization in watch based manager
• e2e_node: use upstream gpu installer
• e2e_node: install gpu pod with PodClient
• e2e_node: run gpu pod long enough to become ready
• revert "fix wrong output when using jsonpath"
• add a test for jsonpath template parsing to prevent regressions
• Reduce the number of parallel typechecks to 2
• Add init hostprocess container test
• skip hack/tools/vendor folder
• Add GA AnnStorageProvisioner annotation to PVC
• Skip testing for Pod DNS records.
• OWNERS(releng): Set reviewers to release-managers
• Fix typo in kubectl describe pods example
• Don't expose struct from prometheus client library
• Update ServiceInternalTrafficPolicy feature state
• apiserver: remove server option startup-send-retry-after-until-ready
• storege e2etest: Delete restored PVC/Pod in snapshottable
• Structured Logging migration:modify Scheduler part logs.
• tests: Bumps image versions (Adds Windows Server 2022)
• updates pause image references
• scheduler: better reason for delay with generic ephemeral volumes
• Add alculquicondor to sig-apps-reviewers
• Fix a small regression in Service updates
• modify non-uniform aliases
• explain the reason why metaclient special processing metav1.DeleteOptions encoding
• turn on CSIMigrationAzureDisk by default on 1.23
• Remove deprecated --seccomp-profile-root/seccompProfileRoot configuration
• e2e test apiserver endpoint and endpointslices
• Remove unused --allow-gathering-profiles e2e.test flag
• Wait 15m after instead of before breaking nodes
• integration test for cronjob with controllerv2
• Revert "Merge pull request apiserver: remove server option startup-send-retry-after-until-ready kubernetes/kubernetes#104630 from tkashem/remove-option"
• Revert "Merge pull request send retry-after until the apiserver is ready kubernetes/kubernetes#104281 from tkashem/not-ready-429"
• Remove race condition from TestApfExecuteWatchRequestsWithInitializationSignal
• Fix the key missing issue for structured log
• Modify TTLAfterFinished state to beta in comment
• fix: ignore the case when comparing azure tags in service annotation
• fix data race in kubelet volume test: add lock
• admission: run PodSecurity before PodSecurityPolicy
• Fix Job tracking with finalizers for more than 500 pods
• Introduce storagebackend.ConfigForResource
• vendor for staging/cm/healthz
• HealthCheckable interface.
• implement healthz
• use controller healthz
• Scheduler version should be printed out by default
• Fix flake test TestEnsurePIPTagged
• Adjust LIST work estimator to match current code
• Fix err of GrabFromAPIServer()
• Adding more detailed logging for Topology Hints
• Added update and verify scripts for automated mock generation
• changes made by introducing mockgen command
• Update CHANGELOG OWNERS
• Temporarily remove non kubernetes members. Will add them back afterward.
• Add ehashman to sig-node-api-reviewers
• Additional resource quantity testing
• Fix typo fileystem -> filesystem
• Fix typo assigment -> assignment
• Fix typo coersion -> coercion
• Object creation with generateName should return a proper error
• server-side-apply: print object name in SHOULD NOT HAPPEN message
• pkg/kubelet/cm/memorymanager: Fix ErrorS key/value pair
• Fix client IP preservation for NodePort service with protocol SCTP
• fix Log attempts to output resp.Body
• e2e_node: Update GPU tests to reflect reality
• fix sharedInformer doc
• apf: copy v1beta1 to v1beta2
• apf: rename to v1beta2
• Update the valid string from rand.go
• Avoid expensive go-cmp/cmp comparison
• Fix staticcheck in apiserver and client-go pkgs
• Update CHANGELOG OWNERS
• Change execution duration guess from 1 minute to 3 milliseconds
• rbac: remove AttributeRestriction documentation
• Fix couple of incorrect description
• Refine locking in API Priority and Fairness config controller
• para 'resourceVersion' in DeltaFIFO.Replace is not used, so remove it
• kubelet: Rejected pods should be filtered from admission
• e2e iperf2 change threshold to 10MBps = 80 Mbps
• Revert PR 103515
• increasing sleep timer to 5 sec
• avoid sharedIndexInformer run more than once, avoid more cache and memory consume
• e2e: enable generic ephemeral inline volume also for in-tree drivers
• apf: ebable v1beta2
• apf: regenerate for v1beta2
• apf: update e2e test to use v1beta2
• apf: update apf logic to use v1beta2
• klog 2.20.0, logr v1.1.0, zapr v1.1.0
• Widen margins of TestDifferentWidths and TestTooWide
• Remove functionality from deprecated kubectl run flags
• fix typo in framework interface
• vendor: bump hcsshim to v0.8.22
• Migrate to k8s.io/utils/clock in pkg/controller
• Migrate to k8s.io/utils/clock in pkg/quota
• Migratet to k8s.io/utils/clock in workqueue
• Migrate to k8s.io/utils/clock in pkg/kubelet
• Move YamlPrinter to its own file
• Migrate to k8s.io/utils/clock in lease controller
• Migrate to k8s.io/utils/clock in flowcontrol backoff
• build/common: check if docker buildx is available
• kube-controller-manager: properly check generic ephemeral volume feature
• Skip service external ips tests if admission controller to deny externalip services is enabled.
• scheduler/volumebinding: migrate to use pkg/scheduler/framework/plugins/feature
• Svc: Move ETP clearing to dropTypeDependentFields
• Svc REST: Encapsulate IP and Port allocator logic
• Svc REST: move allocator methods -> alloc object
• Svc REST: Don't call validation directly
• Svc REST: Add a transaction API
• Svc REST: Move allocations in Create into funcs
• Svc REST: Add stub begin* hooks
• Svc REST: De-layer Create
• Svc REST: Rename a long, hard function name
• Svc REST: Allow multi-IP-family in tests
• Svc REST: Rename some tests for clarity
• Svc REST: Overhaul Create test wrt dual-stack
• Add dry-run support to the IP allocator subsystem
• Svc REST: Set Cluster IPs during dry-run Create
• Svc REST: better test checks in new tests
• Svc REST: Dedup tests for defaulting
• Svc REST: Test that ExternalName doesn't set IPs
• Svc REST: Test that Headless doesn't set IPs
• Svc REST: Remove redundant Create tests
• Svc REST: Better NodePort tests
• Svc REST: HealthCheckNodePort tests
• Svc REST: IP and port reallocation
• Svc REST: Remove redundant Get test
• Svc REST: Move test to reduce diff in next commits
• Svc REST: De-layer Delete
• Svc REST: Clean up redundant delete tests
• Svc REST: Add a delete-with-finalizer test
• Svc REST: De-layer Update
• Svc REST: Set Cluster IPs during dry-run Update()
• Svc REST: Add a test for PatchAllocatedValues
• Svc REST: Add new model of feature tests
• Fix validation on ETP: "" is not valid
• Svc REST: Change ETP create test to a feature test
• Svc REST: Beef up NodePort tests
• Svc REST: Better errors on stack-downgrades
• Svc REST: Add proof funcs in feature test logic
• Svc REST: add a beforeUpdate hook in feature tests
• Svc REST: allow tests to set cluster IP families
• Svc REST: Move ResourceLocation() to 'inner' layer
• Svc REST: Fix comments to make next commits easier
• Svc REST: Validate input before IP allocation
• Svc REST: Fix single<->dual-stack updates
• Svc REST: Make ipFamilyPolicy authoritative
• Svc REST: Remove obviously unused args
• Svc REST: De-layering done! Convert to 1 layer
• Svc REST: Remove old, now unused stubs
• Svc REST: Rename service NewGenericREST to NewREST
• Svc REST: Use "prove" helpers in other tests
• Svc REST: Beef up ports test, remove old form
• Svc REST: Remove overlapping rest_tests
• Svc REST: Add InternalTrafficPolicy tests
• Svc REST: Remove old rest_test
• DeepCopy() input objects in Service REST test
• Svc REST: Move normalizeClusterIPs to storage pkg
• Svc REST: Move patchAllocatedValues to storage pkg
• Svc REST: Move tests and scaffolding around
• Svc REST: rename allocServiceClusterIPsNew
• Svc REST: rename allocServiceNodePortsNew
• Svc REST: rename allocUpdateServiceClusterIPsNew
• Svc REST: rename allocUpdateServiceNodePortsNew
• Svc REST: rename allocClusterIPs -> allocIPs
• Svc REST: rename releaseClusterIPs -> releaseIPs
• Svc REST: rename allocServiceClusterIP
• Svc REST: rename allocServiceClusterIPs
• Svc REST: rename releaseServiceClusterIP
• Svc REST: rename releaseServiceClusterIPs
• Svc REST: rename handleClusterIPsForUpdatedService
• Svc REST: rename healthCheckNodePortUpdate
• Svc REST: rename allocateHealthCheckNodePort
• Svc REST: Make allocHCNP a method: more consistent
• Svc REST: rename rest.go -> alloc.go
• Svc REST: Move alloc code around
• Svc REST: Make update/releaseNodePorts methods
• Svc REST: Move isValidAddress to storage.go
• Svc REST: Rename GenericREST -> REST
• Svc REST: Use types for safer arg ordering
• Svc REST: Rename RESTAllocStuff
• Svc REST: Convert FIXME to TODO
• Svc REST: Make transaction-accumulating funcs safe
• remove the --csr* flags from "kubeadm certs renew"
• Improve DeltaFIFO function 'ListKeys'
• e2e: TM: add option to fail instead of skip
• Drop broken/no-op proxyconfig.EndpointsHandler implementations
• Propagate conversion errors
• Bump conformance images to use debian:buster-v1.9.0
• Migrated pkg/proxy/userspace to structured logging (Migrated pkg/proxy/userspace to structured logging kubernetes/kubernetes#104931)
• Update debian-iptables to pick CVE fixes - This image has fixes for CVE-2021-3711, CVE-2021-3712 - This will allow kube-proxy to be built on newer base image which has fixes for these CVEs
• change health checkport to listen to node port addresses
• change proxiers to pass nodePortAddresses
• Update ineligible_endpoint.yaml to include RBAC
• Track recent reorg in testing clockery
• Fix null JSON round tripping
• Plumb the schema.GroupResource into etcd3 Store struct
• kubectl: Use fields from event series when computing describe events for a object (kubectl: Use fields from event series when computing describe events for a object kubernetes/kubernetes#104482)
• move repair loop interval to a constant
• Fix workqueue memory leak
• removing usage of github.com/pkg/errors from test/conformance/image/go-runner/ directory
• refactor: disable insecure serving in kube-scheduler
• support null resolvConf in Kubelet Configuration
• pin-dependency.sh: enhance forking of a dependency
• [go1.17] Update to go1.17.1
• component-base: enable JSON in example
• kubeadm: do not check if the /etc/kubernetes/manifests folder is empty on joining worker nodes during preflight
• Increase QPS in gc controller.
• update ineligible_endpoints removing upper case
• Add unit tests for scheduler's dynamic event handlers registration
• CHANGELOG: Update directory for v1.23.0-alpha.2 release
• Migrate cmd/proxy/app and pkg/proxy/meta_proxier to structured logging (Migrate cmd/proxy/app and pkg/proxy/meta_proxier to structured logging kubernetes/kubernetes#104928)
• kubeadm: remove --port from kube-scheduler manifest
• add StatefulSet MinReadySeconds e2e test
• staging/publishing: Set go1.16 version to go1.16.8
• CHANGELOG: Update directory for v1.20.11 release
• CHANGELOG: Update directory for v1.19.15 release
• Rename httplog entry from "apf_d" to "apf_fd"
• Add CVE 2021-25741 info to 1.19 release notes
• CHANGELOG: Update directory for v1.21.5 release
• CHANGELOG: Update directory for v1.22.2 release
• add feature gate OpenAPIEnums.
• structured log migration for pkg/util/netsh
• 'New' Event namespace validate failed ('new' Event namespace validate failed kubernetes/kubernetes#100125)
• remove deprecated validEgressSelectorNames 'master' (remove deprecated validEgressSelectorNames 'master' kubernetes/kubernetes#102242)
• Add support for multiple certs in AWS NLB

What type of PR is this?

What this PR does / why we need it:

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

Does this PR introduce a user-facing change?

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: