Move init containers to stable in v1.6 (#1939)

* Delete the parameter "--google-json-key string"

Delete the parameter "--google-json-key string"

* Fix apimachinery vendored dependencies in examples_test.

* package apt-transport-https should be installed

Ubuntu default install not include apt-transport-https. so if you want to download package from https repo, you need install apt-transport-https package first

* doc-walkthrough-content

modify

* limitrange-update

I think it's redundant that the second to ,in order to do sth and do
sth!thanks!

* fix command kubectl get svc,pod output

fix command kubectl get svc,pod output

* Fix typo: federation-controller-mananger => federation-controller-manager

* Fix typo: federation-controller-mananger => federation-controller-manager

* Clarify minimum version of kubernetes supporting PSP authz

* Provide correct location for KUBE_ETCD_SERVERS

Provide correct location for KUBE_ETCD_SERVERS configuration key. It was
previously listed as being in /etc/kubernetes/config but is actually in
/etc/kubernetes/apiserver.

Related: https://github.com/kubernetes/kubernetes.github.io/issues/1600

* Move Compute Resources topic to Concepts. (#2410)

* Delete the parameter "--google-json-key string"

“# kube-scheduler -help”can not find --google-json-key option

# kubectl version
Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.1+82450d0", GitCommit:"f5ef9802914a47c848fd84c287333f8b4d28bbc1", GitTreeState:"dirty", BuildDate:"2017-01-23T00:04:39Z", GoVersion:"go1.7", Compiler:"gc", Platform:"linux/amd64", USEEVersion:"V1.02.01_alpha", USEEPublishDate:"2017-1-10 00:00:00"}
Server Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.1+82450d0", GitCommit:"f5ef9802914a47c848fd84c287333f8b4d28bbc1", GitTreeState:"dirty", BuildDate:"2017-01-22T23:56:57Z", GoVersion:"go1.7", Compiler:"gc", Platform:"linux/amd64", USEEVersion:"V1.02.01_alpha", USEEPublishDate:"2017-1-10 00:00:00"}

* Add diagnose tips when you face problem.

* Update grammar for kubeadm.md, thanks @chenopis

* Merge two pieces to one words

* add http proxy infomation in kubeadm

* Update landing pages for Tasks and Tutorials. (#2634)

* Update static-pods.md

It works. Please review it again.

* Move Guide Topic: Multi-container pods. (#2642)

* fix link to go to pod-lifecycle page

* fix the command output

fix the command output

* mirantis_logo.png

,/images/community_logos/mirantis_logo.png updated per Mirantis request

* kubeadm reference -- /

set up/manage mean set up or manage ? it's better use or?

* Prototype for deprecating User Guide topic.

* missing word

The return of the OCD.

* Move Guide topic: Using Environment Variables. (#2645)

* fix typo (#2656)

fix typo

* Move Guide topic: Using Port Forwarding. (#2661)

* Move Guide topic: Bootstrapping Pet Sets. (#2662)

* Move Guide topic: Bootstrapping Pet Sets.

* Add TOC entry.

* Move Guide topic: Connect with Proxies. (#2663)

* Move Guide topic: Connect with Proxies.

* Fix link.

* add DefaultTolerationSeconds admission controller

* getting-started-guides: add CoreOS Tectonic

* Correct the certificate name

* Update index.md

* Update installation.md

* Update validation.md

* Update backups.md

* Update backups.md

* Spell fixes

* Using it vs Juju Kubernetes

* Q1 update to k8s tech and service partner list

New partners registered to K8s Partner Ecosystem sign-up form.  Logo updates companion to this edit still WIP

* Logo file updates for new registrants

Logos for new registrants

* The attribute [allowfullscree] must have a value

Signed-off-by: yupengzte <yu.peng36@zte.com.cn>

* Remove newline before passing to base64

* Use single quote to avoid string interpolation, update output

* Update command as files contain no newline

* Remove all dead links, use just filename

As user can guess that it is file copied from the shown content

* Fix link to dev guide.

* Add --leader-elect=false

Second scheduler could not start without disabling leader-elect.

* cluster-components-could be running

could be doing sth

* update cluster-components.md

In theory,Master components can be run....

* update cluster-components--add a space

add a space after the comma: "In theory, Master components..."

* Highlighted command --kubectl describe

In web page ,there is no space ,need some empty space,thanks!

* Revert "Highlighted command --kubectl describe"

This reverts commit a70d0a3e35.

* Add example show how to configure proxy for kube

* Revision as the suggestion describe

* move ha-master-gce.png to images/docs

Signed-off-by: Xiuyu Li <nickleefly@gmail.com>

* use relative path for ha-master-gce image

Signed-off-by: Xiuyu Li <nickleefly@gmail.com>

* The attribute [calendarWrapper] must be unique

Signed-off-by: yupengzte <yu.peng36@zte.com.cn>

* add required images in kubeadm init step

* Add links to Docker/rtk in cluster-intro.html

* s/acomplish/accomplish/

* Modify  the link URL of [kubelet eviction design doc]

[kubelet eviction design doc] should be linked to kubernetes.github.io
instead of community/design-proposal.

* fix CronJob object name

fix CronJob object name

* remove redundant a

Signed-off-by: Xiuyu Li <nickleefly@gmail.com>

* kubeadm reference--change any to some (#2683)

* modify one word

examples   to  example

* doc-walkthrough-content

modify

* limitrange-update

I think it's redundant that the second to ,in order to do sth and do
sth!thanks!

* cluster-components-could be running

could be doing sth

* update cluster-components.md

In theory,Master components can be run....

* update cluster-components--add a space

add a space after the comma: "In theory, Master components..."

* Highlighted command --kubectl describe

In web page ,there is no space ,need some empty space,thanks!

* Revert "Highlighted command --kubectl describe"

This reverts commit a70d0a3e35.

* kubeadm reference--change any to some

kubeadm can install any  add-on ?

* Move Guide topics: Logging (#2687)

* Disallow indexing for liveness/index (#2689)

* Deprecate Guide topics. (#2691)

* Wrong label and kubectl get completed pods

The label `app=jobexample` should be `jobgroup=jobexample`.
Also, for get completed pods the flag `--show-all` is necessary.

* Update garbage-collection.md

change “any” to "every"

* Deprecate Guide topic: Persistent Volume Walkthrough. (#2692)

* Reimplement PR #2525

Fixes typo by removing the word "controller"

* remove extra space

* Update multiple-schedulers doc  (#2063)

* Update tutorial

* Fix md formatting.

* Remove extraneous space

* Deprecate Guide topic: Secrets Walkthrough. (#2695)

* Deprecate Guide topics: quick-start ... (#2696)

* Update Tasks landing page. (#2697)

* Remove redundant section in deployments

The status of the deployment is already covered in a later section in
this doc.

* Repair Spotinst logo

Corrected size

* fixed ASM blurb

* Correct ASM logo filename

* Highlighted command for `kubectl proxy`.

* Update ubuntu install instructions.

* Update local instructions to new method.

* update init-containers.md

add one word.

* Minor spelling correction -- "rtk" to "rkt"

* fixing typo

* Doc formatting update

Corrected indentation for the `nonResourcePath` and got a bit zealous with restructuring that section...

* Repair Spotinst logo

Corrected size

* fixed ASM blurb

* Correct ASM logo filename

* Update garbage-collection.md

change "any" to "every"

* Update Weave Net's title.

* fix unsupported parameter of wget command

* update to be retained

change "retain" to "to be retained".

* Update pod.md

* update init-containers.md

change "a different filesystem view" to "different filesystem views".
different init container should have different filesystem.

* Highlighted command --kubectl describe

In web page ,there is no space ,need some empty space,thanks!

* cluster-management--3

change 3 to three is better or not ?thanks!

* fix typo

1、Parameters “--allow-verification-with-non-compliant-keys” is missed.
2、Delete the parameter "--google-json-key string";

see the "# kube-controller-manager  -help"
# kubectl version
Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.1+82450d0", GitCommit:"f5ef9802914a47c848fd84c287333f8b4d28bbc1", GitTreeState:"dirty", BuildDate:"2017-01-23T00:04:39Z", GoVersion:"go1.7", Compiler:"gc", Platform:"linux/amd64", USEEVersion:"V1.02.01_alpha", USEEPublishDate:"2017-1-10 00:00:00"}
Server Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.1+82450d0", GitCommit:"f5ef9802914a47c848fd84c287333f8b4d28bbc1", GitTreeState:"dirty", BuildDate:"2017-01-22T23:56:57Z", GoVersion:"go1.7", Compiler:"gc", Platform:"linux/amd64", USEEVersion:"V1.02.01_alpha", USEEPublishDate:"2017-1-10 00:00:00"}

* fix typo

1、Delete the parameter "--google-json-key string";
2、Parameters "--ir-data-source string"、"--ir-dbname string"、"--ir-hawkular string"、"--ir-influxdb-host string"、"--ir-namespace-only"、"--ir-password string"、"--ir-percentile int"、"--ir-user string"  is missed.

see the "# kube-prxoy -help"
# kubectl version
Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.1+82450d0", GitCommit:"f5ef9802914a47c848fd84c287333f8b4d28bbc1", GitTreeState:"dirty", BuildDate:"2017-01-23T00:04:39Z", GoVersion:"go1.7", Compiler:"gc", Platform:"linux/amd64", USEEVersion:"V1.02.01_alpha", USEEPublishDate:"2017-1-10 00:00:00"}
Server Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.1+82450d0", GitCommit:"f5ef9802914a47c848fd84c287333f8b4d28bbc1", GitTreeState:"dirty", BuildDate:"2017-01-22T23:56:57Z", GoVersion:"go1.7", Compiler:"gc", Platform:"linux/amd64", USEEVersion:"V1.02.01_alpha", USEEPublishDate:"2017-1-10 00:00:00"}

* Update garbage-collection.md

modify the url and link

* update garbage-collection.md

change the url to relative path.

* update out-of-resource.md

change "in cases when" to "in case that"

* update out-of-resource.md

use a shorter and simpler expression.

* update out-of-resource.md

change "support" to "supports"

* Create a top-level CN directory to hold future md files for the Chinese kubernetes site

* Removed `=` at the end of the flags.

* Remove autogenerate todo

- This should be captured via a GitHub issue
  and not a TODO in the README documentation
  which leads to confusion.

* Move Guide topics: Federation Tasks. (#2799)

* Move Guide topics: Federation tutorial and concept. (#2802)

* Move Guide topics: Federation tutorial and concept.

* Add title.

* Fix link.

* Move kubectl Concept topics to Tutorials. (#2804)

* Move kubectl Concept topics to Tutorials.

* Add redirects and update links.

* The calendarWrapper attribute should be unique

Signed-off-by: yupengzte <yu.peng36@zte.com.cn>

* Fix links. (#2808)

* Fix link. (#2806)

* Move topic from clusters to cluster-administration. (#2812)

* Move a batch of cluster admin topics. (#2813)

* Move Guide topic: Limit storage consumption. (#2814)

* Move Guide topic: Limit storage consumption.

* Add title.

* Move Guide topic: Networking. (#2816)

* Move Guide topic: Network Plugins. (#2819)

* Move Guide topic: Network Plugins.

* Fix link.

* Move Guide topic: Static Pods. (#2820)

* User Guide content migration: post notice (#2818)

* Add User Guide content migration notice.

* Fix formatting

* Tweek formatting to block highlight text in light gray.

* Try table instead of code block

* remove extra lines

* try table format

* fix links

* incorporate @ddonnelly feedback

* Move Guide topic: Out of Resource. (#2821)

* Move Guide topic: Monitoring Node Health. (#2822)

* Move Guide topic: Monitoring Node Health.

* Move to Tasks.

* Move Guide topic: AppArmor. (#2823)

* Apparmor (#2825)

* Move Guide topic: AppArmor.

* Add included files.

* Move Guide topic: Audit. (#2824)

* Added 1.6 Upgrade notes to outline changes for etcd 3.

* Move Guide topic: Disruption Budget. (#2834)

* Move Guide topic: Limit range. (#2835)

* Quota (#2836)

* Move Guide topic: Limit range.

* Move Guide topic: Resource Quota and Limits.

* Quota2 (#2838)

* Move Guide topic: Limit range.

* Move Guide topic: Resource Quota concept.

* Dns (#2839)

* Move Guide topic: Limit range.

* Move Guide topic: DNS.

* Delete CNAME

* Create CNAME

* Delete CNAME

* Create CNAME

* Move docs/user-guide/managing-deployments.md to /docs/concepts/cluster-administration/manage-deployment.md

* add nginx-app.yaml file

* add back missing /

* fix link

* Move Guide topic: Replication Controller Operations

* Move Guide topic: Resizing a replication controller

* Concepts toc (#2840)

* Move Guide topic: Limit range.

* Adjust Concepts Overview TOC.

* Move Guide topic: Rolling Updates

* Move Kubernetes API page. (#2849)

* Move What is Kubernetes topic. (#2851)

* Move Guide topic: Rolling Update Demo (#2850)

* Move Guide topic: Rolling Update Demo

* rename file

* Move Guide topic: Configuration Best Practices

* Move Guide topic: Jobs (#2853)

* Move Guide topic: Jobs

* add job.yaml file

* change title

* Move Pod overview. (#2865)

* Move Pod overview.

* Fix redirection.

* Move Guide topic: Parallel Processing using Expansions (#2867)

* Move Guide topic: Parallel Processing using Expansions

* fix links to /docs/user-guide/jobs/

* Move Init Containers topic. (#2866)

* Move Guide topic: Coarse Parallel Processing Using a Work Queue

* Move Guide topic: Fine Parallel Processing using a Work Queue (#2870)

* Move Guide topic: Fine Parallel Processing using a Work Queue

* add migration notice

* fixed capitalization

* Rename /docs/tasks/job/work-queue-1/

* Move StatefulSets topic. (#2869)

* Move StatefulSets topic.

* Fix TOC.

* Move Guide topic: Pod Templates (#2872)

* Move Guide topic: Pod Templates

* tweak header level and capitalization

* Move PetSets topic. (#2873)

* Move Garbage Collection topic. (#2874)

* Move Garbage Collection topic.

* Fix included file.

* Move Guide topic: Prereqs

* Move Guide topic: Sharing Clusters

* Move Accessing Clusters topic to Concepts. (#2875)

* Move Accessing Clusters topic to Concepts.

* Update concepts.yml

* Move Guide topic: Kubeconfig File

* Move Guide topic: Config Provider Firewalls. (#2883)

* Move Guide topic: Federation Service Discovery. (#2884)

* Move Guide topic: Connecting Apps with Services. (#2885)

* Added example and docu for hostPort ranges

* Move Guide topic: Service. (#2891)

* Move Guide topic: Service.

* Move Guide topic: External Load Balancer.

* Fix TOC.

* Move Guide topic: Resource Monitoring. (#2895)

* docs/admin: document OpenID Connect plugin's claim prefixing

* Move Guide topic: Admin Guide

* fix the command output

fix the command output

* Update manage-compute-resources-container.md

Change "he" to "The"

* update out-of-resource.md

change "thresholds" to "threshold"

* update init-containers.md

change "apply" to "application"

* amend monitor-node-health.md

Amend the url link.

* Fix monitor-node-health.md

The url link does not exist.

* fix a typo in /docs/user-guide/configmap/index.md

change "value" to "values"

* View $PAGE on Github without forking the repo

Adding a "View docs/bla-bla.md on GitHub" button next to the
"Edit docs/bla-bla.md" button so that people can view the file
first without clicking the Edit button (which does not work without
forking the repository).

I did not need this because I was trying to do something without
forking. I just found it to be bit difficult to view source of a page
on GitHub.

I'm open to ideas, perhaps we can instead add an article footer button
named "View on GitHub" next to the "Edit this Page".

Signed-off-by: Ahmet Alp Balkan <ahmetb@google.com>

* Move Guide topics: Container Lifestyle Hooks, Images, Volumes

* fix to taint the master node

* Add files via upload

* fix the link of ogging-elasticsearch-kibana.md

fix the link of url

* Remove from TOC/Search: pods/init-containers ... (#2694)

* Fix typo

* Add files via upload

* Create hyperlink

Create hyperlink for kubernetes repo link.

* updated PSP documentation with RBAC (#2552)

Added info about controller manager setup and current implementation when using PSP with RBAC support.

* Use kubectl config current-context to simplify the instructions

* fix typeo (#2856)

* fix typeo

* Update kargo.md

* Fix typo in kubectl_completion.md

evaluation --> evaluated

* Apply typo fixes from #2791 (#2949)

* Apply typo fixes from #2791

* remove style typos

* Fix the typos

Signed-off-by: yupengzte <yu.peng36@zte.com.cn>

* Fix typo

* Fix typo (#2842)

_includes/code.html

@@ -14,7 +14,7 @@
                 {% if ghlink %}<a href="{{ghlink}}" download="{{include.file}}">{% endif %}
                     <code>{{include.file}}</code>
                 {% if ghlink %}</a>{% endif %}
-                <img src="/images/copycode.svg" style="max-height:24px" onClick="copyCode('{{include.file | handleize}}')" title="Copy {{include.file}} to clipboard">
+                <img src="/images/copycode.svg" style="max-height:24px" onclick="copyCode('{{include.file | handleize}}')" title="Copy {{include.file}} to clipboard">
             </th>
         </tr>
     </thead>

_layouts/docwithnav.html

@@ -57,7 +57,7 @@
 
         {{ content }}
 
-        <p><a href=""><img src="https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/{{ page.path }}?pixel" alt="Analytics" /></a>
+        <p><a href=""><img src="https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/{{ page.path }}?pixel" alt="Analytics" /></a></p>
         {% if page.url != "/404.html" and page.url != "/docs/search/" %}
 		<script type="text/javascript">
 	        PDRTJS_settings_8345992 = {

docs/admin/authentication.md

@@ -287,10 +287,20 @@ To enable the plugin, configure the following flags on the API server:
 | --------- | ----------- | ------- | ------- |
 | `--oidc-issuer-url` | URL of the provider which allows the API server to discover public signing keys. Only URLs which use the `https://` scheme are accepted.  This is typically the provider's discovery URL without a path, for example "https://accounts.google.com" or "https://login.salesforce.com".  This URL should point to the level below .well-known/openid-configuration | If the discovery URL is https://accounts.google.com/.well-known/openid-configuration the value should be https://accounts.google.com | Yes |
 | `--oidc-client-id` |  A client id that all tokens must be issued for. | kubernetes | Yes |
-| `--oidc-username-claim` | JWT claim to use as the user name. By default `sub`, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as `email`, depending on their provider. | sub | No |
+| `--oidc-username-claim` | JWT claim to use as the user name. By default `sub`, which is expected to be a unique identifier of the end user. Admins can choose other claims, such as `email` or `name`, depending on their provider. However, claims other than `email` will be prefixed with the issuer URL to prevent naming clashes with other plugins. | sub | No |
 | `--oidc-groups-claim` | JWT claim to use as the user's group. If the claim is present it must be an array of strings. | groups | No |
 | `--oidc-ca-file` | The path to the certificate for the CA that signed your identity provider's web certificate.  Defaults to the host's root CAs. | `/etc/kubernetes/ssl/kc-ca.pem` | No |
 
+If a claim other than `email` is chosen for `--oidc-username-claim`, the value
+will be prefixed with the `--oidc-issuer-url` to prevent clashes with existing
+Kubernetes names (such as the `system:` users). For example, if the provider
+URL is `https://accounts.google.com` and the username claim maps to `jane`, the
+plugin will authenticate the user as:
+
+```
+https://accounts.google.com#jane
+```
+
 Importantly, the API server is not an OAuth2 client, rather it can only be
 configured to trust a single issuer. This allows the use of public providers,
 such as Google, without trusting credentials issued to third parties. Admins who

docs/concepts/configuration/manage-compute-resources-container.md

@@ -138,7 +138,7 @@ When using Docker:
 - The `spec.containers[].resources.limits.cpu` is converted to its millicore value,
   multiplied by 100000, and then divided by 1000. This number is used as the value
   of the [`--cpu-quota`](https://docs.docker.com/engine/reference/run/#/cpu-quota-constraint)
-  flag in the `docker run` command.  he [`--cpu-period`] flag is set to 100000,
+  flag in the `docker run` command.  The [`--cpu-period`] flag is set to 100000,
    which represents the default 100ms period for measuring quota usage. The
    kubelet enforces cpu limits if it is started with the
   [`--cpu-cfs-quota`] flag set to true. As of Kubernetes version 1.2, this flag

docs/concepts/workloads/pods/init-containers.md

@@ -35,14 +35,10 @@ Init Containers are exactly like regular Containers, except:
 If an Init Container fails for a Pod, Kubernetes restarts the Pod repeatedly until the Init
 Container succeeds. However, if the Pod has a `restartPolicy` of Never, it is not restarted.
 
-To specify a Container as an Init Container, add the `annotations` key
-`pod.beta.kubernetes.io/init-containers`.  Its value should be a
-JSON array of objects of type
-[Container](http://kubernetes.io/docs/api-reference/v1/definitions/#_v1_container).
-
-The status of an Init Container is returned as another annotation,
-`pod.beta.kubernetes.io/init-container-statuses`, which is an array of
-container statuses similar to the `status.containerStatuses` field.
+To specify a Container as an Init Container, add the `initContainers` field on the PodSpec as a JSON array of objects of type [v1.Container](http://kubernetes.io/docs/api-reference/v1/definitions/#_v1_container) alongside the app `containers` array.
+The status of the init containers is returned in `status.initContainerStatuses`
+field as an array of the container statuses (similar to the `status.containerStatuses`
+field).
 
 ### Differences from regular Containers
 
@@ -262,9 +258,12 @@ reasons:
 
 ## Support and compatibility
 
-A cluster with Kubelet and Apiserver version 1.4.0 or greater supports Init
-Containers with the beta annotations. Support varies for other combinations of
-Kubelet and Apiserver versions; see the [release notes](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG.md) for details.
+A cluster with Apiserver version 1.6.0 or greater supports Init Containers
+using the `spec.initContainers` field. Previous versions support Init Containers
+using the alpha or beta annotations. The `spec.initContainers` field is also mirrored
+into alpha and beta annotations so that Kubelets version 1.3.0 or greater can execute
+Init Containers, and so that a version 1.6 apiserver can safely be rolled back to version
+1.5.x without losing Init Container functionality for existing created pods.
 
 {% endcapture %}
 

docs/getting-started-guides/kargo.md

@@ -2,10 +2,6 @@
 title: Installing Kubernetes On-premise/Cloud Providers with Kargo
 ---
 
-<style>
-li>.highlighter-rouge {position:relative; top:3px;}
-</style>
-
 ## Overview
 
 This quickstart helps to install a Kubernetes cluster hosted
@@ -47,7 +43,7 @@ to [kubeadm](../kubeadm) and [kops](../kops).
 * Customize your deployment by usual Ansible meanings, which is
   [generating inventory](https://github.com/kubernetes-incubator/kargo/blob/master/docs/getting-started.md#building-your-own-inventory)
   and overriding default data [variables](https://github.com/kubernetes-incubator/kargo/blob/master/docs/vars.md).
-  Or just stick with default values (Kargo will choose Flannel networking plugin for you
+  Or just stick with default values (Kargo will choose Calico networking plugin for you
   then). This includes steps like deciding on the:
   * DNS [configuration options](https://github.com/kubernetes-incubator/kargo/blob/master/docs/dns-stack.md)
   * [Networking plugin](https://github.com/kubernetes-incubator/kargo#network-plugins) to use

docs/getting-started-guides/kops.md

@@ -2,10 +2,6 @@
 title: Installing Kubernetes on AWS with kops
 ---
 
-<style>
-li>.highlighter-rouge {position:relative; top:3px;}
-</style>
-
 ## Overview
 
 This quickstart shows you how to easily install a Kubernetes cluster on AWS.

docs/getting-started-guides/kubeadm.md

@@ -7,10 +7,6 @@ assignees:
 title: Installing Kubernetes on Linux with kubeadm
 ---
 
-<style>
-li>.highlighter-rouge {position:relative; top:3px;}
-</style>
-
 ## Overview
 
 This quickstart shows you how to easily install a Kubernetes cluster on machines

docs/getting-started-guides/rkt/notes.md

@@ -51,15 +51,15 @@ Because of this, some flags in `kubectl run` are not supported, including:
 
 ## Volume relabeling
 
-Currently rkt supports only *per-pod* volume relabeling. After relabeling, the mounted volume is shared by all containers in the pod. There is not yet a way to make the relabeled volume accessible to only one, or some subset, of containers in the pod. [Kubernetes issue # 28187](https://github.com/kubernetes/kubernetes/issues/28187) has the details.
+Currently rkt supports only *per-pod* volume relabeling. After relabeling, the mounted volume is shared by all Containers in the pod. There is not yet a way to make the relabeled volume accessible to only one, or some subset, of Containers in the pod. [Kubernetes issue # 28187](https://github.com/kubernetes/kubernetes/issues/28187) has the details.
 
 ## kubectl get logs
 
 Under rktnetes, `kubectl get logs` currently cannot get logs from applications that write them to directly to `/dev/stdout`. Currently such log messages are printed on the node's console.
 
-## Init containers
+## Init Containers
 
-The beta [init container](/docs/user-guide/pods/init-containers.md) feature is currently not supported.
+[Init Container](/docs/user-guide/pods/init-containers.md) feature is currently not supported.
 
 ## Container restart back-off
 
@@ -71,7 +71,7 @@ The `--experimental-nvidia-gpus` flag, and related [GPU features](https://github
 
 ## QoS Classes
 
-Under rkt, QoS classes do not adjust the `OOM Score` of containers as occurs under Docker.
+Under rkt, QoS classes do not adjust the `OOM Score` of Containers as occurs under Docker.
 
 ## HostPID and HostIPC namespaces
 

docs/tasks/administer-cluster/change-pv-reclaim-policy.md

@@ -23,7 +23,7 @@ the default reclaim policy is "Delete". This means that a dynamically provisione
 volume is automatically deleted when a user deletes the corresponding
 `PeristentVolumeClaim`. This automatic behavior might be inappropriate if the volume
 contains precious data. In that case, it is more appropriate to use the "Retain"
-policy. With the "Retain" policy, if a user deletes a `PeristentVolumeClaim`,
+policy. With the "Retain" policy, if a user deletes a `PersistentVolumeClaim`,
 the corresponding `PersistentVolume` is not be deleted. Instead, it is moved to the
 `Released` phase, where all of its data can be manually recovered.
 

docs/tasks/configure-pod-container/configure-pod-initialization.md

@@ -3,7 +3,7 @@ title: Configuring Pod Initialization
 ---
 
 {% capture overview %}
-This page shows how to use an init Container to initialize a Pod before the
+This page shows how to use an Init Container to initialize a Pod before an
 application Container runs.
 
 {% endcapture %}
@@ -16,10 +16,10 @@ application Container runs.
 
 {% capture steps %}
 
-## Creating a Pod that has an init Container
+## Creating a Pod that has an Init Container
 
 In this exercise you create a Pod that has one application Container and one
-init Container. The init Container runs to completion before the application
+Init Container. The init container runs to completion before the application
 container starts.
 
 Here is the configuration file for the Pod:
@@ -27,33 +27,32 @@ Here is the configuration file for the Pod:
 {% include code.html language="yaml" file="init-containers.yaml" ghlink="/docs/tasks/configure-pod-container/init-containers.yaml" %}
 
 In the configuration file, you can see that the Pod has a Volume that the init
-Container and the application Container share. Notice that the init Container
-is a beta feature and is specified as an annotation.
+container and the application container share.
 
-The init Container mounts the
-shared Volume at `/work-dir`, and the application Container mounts the shared
-Volume at `/usr/share/nginx/html`. The init Container runs the following command
+The init container mounts the
+shared Volume at `/work-dir`, and the application container mounts the shared
+Volume at `/usr/share/nginx/html`. The init container runs the following command
 and then terminates:
 
      wget -O /work-dir/index.html http://kubernetes.io
 
-Notice that the init Container writes the `index.html` file in the root directory
+Notice that the init container writes the `index.html` file in the root directory
 of the nginx server.
 
 Create the Pod:
 
     kubectl create -f http://k8s.io/docs/tasks/configure-pod-container/init-containers.yaml
 
-Verify that the nginx Container is running:
+Verify that the nginx container is running:
 
     kubectl get pod init-demo
 
-The output shows that the nginx Container is running:
+The output shows that the nginx container is running:
 
     NAME      READY     STATUS    RESTARTS   AGE
     nginx     1/1       Running   0          43m
 
-Get a shell into nginx the Container running in the init-demo Pod:
+Get a shell into the nginx container running in the init-demo Pod:
 
     kubectl exec -it init-demo -- /bin/bash
 
@@ -83,7 +82,7 @@ The output shows that nginx is serving the web page that was written by the init
 
 * Learn more about
 [communicating between Containers running in the same Pod](/docs/tasks/configure-pod-container/communicate-containers-same-pod/).
-* Learn more about [init Containers](/docs/user-guide/pods/init-container/).
+* Learn more about [Init Containers](/docs/concepts/workloads/pods/init-containers/).
 * Learn more about [Volumes](/docs/concepts/storage/volumes/).
 
 {% endcapture %}

docs/tasks/configure-pod-container/init-containers.yaml

@@ -2,20 +2,6 @@ apiVersion: v1
 kind: Pod
 metadata:
   name: init-demo
-  annotations:
-    pod.beta.kubernetes.io/init-containers: '[
-        {
-            "name": "install",
-            "image": "busybox",
-            "command": ["wget", "-O", "/work-dir/index.html", "http://kubernetes.io"],
-            "volumeMounts": [
-                {
-                    "name": "workdir",
-                    "mountPath": "/work-dir"
-                }
-            ]
-        }
-    ]'
 spec:
   containers:
   - name: nginx
@@ -25,6 +11,18 @@ spec:
     volumeMounts:
     - name: workdir
       mountPath: /usr/share/nginx/html
+  # These containers are run during pod initialization
+  initContainers:
+  - name: install
+    image: busybox
+    command:
+    - wget
+    - "-O"
+    - "/work-dir/index.html"
+    - http://kubernetes.io
+    volumeMounts:
+    - name: workdir
+      mountPath: "/work-dir"
   dnsPolicy: Default
   volumes:
   - name: workdir

docs/tasks/debug-application-cluster/debug-init-containers.md

@@ -91,11 +91,11 @@ Init Containers:
 ```
 
 You can also access the Init Container statuses programmatically by reading the
-`pod.beta.kubernetes.io/init-container-status` annotation on the Pod:
+`status.initContainerStatuses` field on the Pod Spec:
 
 {% raw %}
 ```shell
-kubectl get pod <pod-name> --template '{{index .metadata.annotations "pod.beta.kubernetes.io/init-container-statuses"}}'
+kubectl get pod nginx --template '{{.status.initContainerStatuses}}'
 ```
 {% endraw %}
 

docs/tasks/debug-application-cluster/monitor-node-health.md

@@ -36,7 +36,7 @@ it to [support other log format](/docs/admin/node-problem/#support-other-log-for
 
 ## Enable/Disable in GCE cluster
 
-Node problem detector is [running as a cluster addon](cluster-large.md/#addon-resources) enabled by default in the
+Node problem detector is [running as a cluster addon](/docs/admin/cluster-large/#addon-resources) enabled by default in the
 gce cluster.
 
 You can enable/disable it by setting the environment variable
@@ -194,8 +194,8 @@ and detects known kernel issues following predefined rules.
 
 The Kernel Monitor matches kernel issues according to a set of predefined rule list in
 [`config/kernel-monitor.json`](https://github.com/kubernetes/node-problem-detector/blob/v0.1/config/kernel-monitor.json).
-The rule list is extensible, and you can always extend it by [overwriting the
-configuration](/docs/admin/node-problem/#overwrite-the-configuration).
+The rule list is extensible, and you can always extend it by overwriting the
+configuration.
 
 ### Add New NodeConditions
 

docs/tasks/index.md

@@ -13,7 +13,7 @@ single thing, typically by giving a short sequence of steps.
 
 #### Using the kubectl Command Line
 
-* [Listing Alll Container Images Running in a Cluster](/docs/tasks/kubectl/list-all-running-container-images/)
+* [Listing All Container Images Running in a Cluster](/docs/tasks/kubectl/list-all-running-container-images/)
 * [Getting a Shell to a Running Container](/docs/tasks/kubectl/get-shell-running-container/)
 
 #### Configuring Pods and Containers

docs/tutorials/object-management-kubectl/declarative-object-management-configuration.md

@@ -383,7 +383,7 @@ The `kubectl apply` command writes the contents of the configuration file to the
 `kubectl.kubernetes.io/last-applied-configuration` annotation. This
 is used to identify fields that have been removed from the configuration
 file and need to be cleared from the live configuration. Here are the steps used
-to caluculate which fields should be deleted or set:
+to calculate which fields should be deleted or set:
 
 1. Calculate the fields to delete. These are the fields present in `last-applied-configuration` and missing from the configuration file.
 2. Calculate the fields to add or set. These are the fields present in the configuration file whose values don't match the live configuration.

docs/tutorials/object-management-kubectl/imperative-object-management-configuration.md

@@ -62,7 +62,7 @@ The `create`, `replace`, and `delete` commands work well when each object's
 configuration is fully defined and recorded in its configuration
 file. However when a live object is updated, and the updates are not merged
 into its configuration file, the updates will be lost the next time a `replace`
-is executed. This is can happen if a controller, such as
+is executed. This can happen if a controller, such as
 a HorizontalPodAutoscaler, makes updates directly to a live object. Here's 
 an example:
 

docs/tutorials/stateful-application/run-replicated-stateful-application.md

@@ -151,8 +151,6 @@ properties to perform orderly startup of MySQL replication.
 Before starting any of the containers in the Pod spec, the Pod first runs any
 [Init Containers](/docs/user-guide/production-pods/#handling-initialization)
 in the order defined.
-In the StatefulSet manifest, you can find these defined within the
-`pod.beta.kubernetes.io/init-containers` annotation.
 
 The first Init Container, named `init-mysql`, generates special MySQL config
 files based on the ordinal index.

docs/tutorials/stateless-application/run-stateless-application-deployment.md

@@ -61,6 +61,10 @@ a Deployment that runs the nginx:1.7.9 Docker image:
         StrategyType:   RollingUpdate
         MinReadySeconds:  0
         RollingUpdateStrategy:  1 max unavailable, 1 max surge
+        Conditions:
+          Type          Status  Reason
+          ----          ------  ------
+          Available     True    MinimumReplicasAvailable
         OldReplicaSets:   <none>
         NewReplicaSet:    nginx-deployment-1771418926 (2/2 replicas created)
         No events.

docs/user-guide/configmap/index.md

@@ -46,7 +46,7 @@ of configuration files.
 
 Configuration data can be consumed in pods in a variety of ways.  ConfigMaps can be used to:
 
-1.  Populate the value of environment variables
+1.  Populate the values of environment variables
 2.  Set command-line arguments in a container
 3.  Populate config files in a volume
 

docs/user-guide/kubectl/kubectl_completion.md

@@ -9,7 +9,7 @@ Output shell completion code for the given shell (bash or zsh)
 
 Output shell completion code for the given shell (bash or zsh).
 
-This command prints shell code which must be evaluation to provide interactive completion of kubectl commands.
+This command prints shell code which must be evaluated to provide interactive completion of kubectl commands.
 
   `$ source <(kubectl completion bash)`
 

docs/user-guide/namespaces.md

@@ -64,16 +64,8 @@ $ kubectl --namespace=<insert-namespace-name-here> get pods
 You can permanently save the namespace for all subsequent kubectl commands in that
 context.
 
-First get your current context:
-
 ```shell
-$ export CONTEXT=$(kubectl config view | awk '/current-context/ {print $2}')
-```
-
-Then update the default namespace:
-
-```shell
-$ kubectl config set-context $CONTEXT --namespace=<insert-namespace-name-here>
+$ kubectl config set-context $(kubectl config current-context) --namespace=<insert-namespace-name-here>
 # Validate it
 $ kubectl config view | grep namespace:
 ```

docs/user-guide/nginx-init-containers.yaml

@@ -2,20 +2,6 @@ apiVersion: v1
 kind: Pod
 metadata:
   name: nginx
-  annotations:
-    pod.beta.kubernetes.io/init-containers: '[
-        {
-            "name": "install",
-            "image": "busybox",
-            "command": ["wget", "-O", "/work-dir/index.html", "http://kubernetes.io/index.html"],
-            "volumeMounts": [
-                {
-                    "name": "workdir",
-                    "mountPath": "/work-dir"
-                }
-            ]
-        }
-    ]'
 spec:
   containers:
   - name: nginx
@@ -25,6 +11,18 @@ spec:
     volumeMounts:
     - name: workdir
       mountPath: /usr/share/nginx/html
+  # These containers are run during pod initialization
+  initContainers:
+  - name: install
+    image: busybox
+    command:
+    - wget
+    - "-O"
+    - "/work-dir/index.html"
+    - http://kubernetes.io/index.html
+    volumeMounts:
+    - name: workdir
+      mountPath: "/work-dir"
   dnsPolicy: Default
   volumes:
   - name: workdir

docs/user-guide/pod-security-policy/index.md

@@ -112,6 +112,9 @@ to the volume sources that are defined when creating a volume:
 The recommended minimum set of allowed volumes for new PSPs are 
 configMap, downwardAPI, emptyDir, persistentVolumeClaim, and secret.
 
+### Host Network
+ - *HostPorts*, default `empty`. List of `HostPortRange`, defined by `min`(inclusive) and `max`(inclusive), which define the allowed host ports.
+ 
 ## Admission
 
 _Admission control_ with `PodSecurityPolicy` allows for control over the creation of resources

docs/user-guide/pod-security-policy/psp.yaml

@@ -17,6 +17,12 @@
       "fsGroup": {
           "rule": "RunAsAny"
       },
+      "HostPorts": [
+          {
+          "min": 8000,
+          "max": 8080
+          }
+      ],
       "volumes": ["*"]
   }
 }