From 1679bed80344a25f186d37f6c41bb5e46e353f1e Mon Sep 17 00:00:00 2001
From: Anago GCB <nobody@k8s.io>
Date: Tue, 15 Oct 2019 10:25:03 +0000
Subject: [PATCH] Update CHANGELOG-1.17.md for v1.17.0-alpha.2.

---
 CHANGELOG-1.17.md | 118 ++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 115 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG-1.17.md b/CHANGELOG-1.17.md
index d3ac4fd5a57..abbd87180b6 100644
--- a/CHANGELOG-1.17.md
+++ b/CHANGELOG-1.17.md
@@ -1,17 +1,129 @@
 <!-- BEGIN MUNGE: GENERATED_TOC -->
-- [v1.17.0-alpha.1](#v1170-alpha1)
-  - [Downloads for v1.17.0-alpha.1](#downloads-for-v1170-alpha1)
+- [v1.17.0-alpha.2](#v1170-alpha2)
+  - [Downloads for v1.17.0-alpha.2](#downloads-for-v1170-alpha2)
     - [Client Binaries](#client-binaries)
     - [Server Binaries](#server-binaries)
     - [Node Binaries](#node-binaries)
-  - [Changelog since v1.16.0](#changelog-since-v1160)
+  - [Changelog since v1.17.0-alpha.1](#changelog-since-v1170-alpha1)
     - [Action Required](#action-required)
     - [Other notable changes](#other-notable-changes)
+- [v1.17.0-alpha.1](#v1170-alpha1)
+  - [Downloads for v1.17.0-alpha.1](#downloads-for-v1170-alpha1)
+    - [Client Binaries](#client-binaries-1)
+    - [Server Binaries](#server-binaries-1)
+    - [Node Binaries](#node-binaries-1)
+  - [Changelog since v1.16.0](#changelog-since-v1160)
+    - [Action Required](#action-required-1)
+    - [Other notable changes](#other-notable-changes-1)
 <!-- END MUNGE: GENERATED_TOC -->
 
 <!-- NEW RELEASE NOTES ENTRY -->
 
 
+# v1.17.0-alpha.2
+
+[Documentation](https://docs.k8s.io)
+
+## Downloads for v1.17.0-alpha.2
+
+
+filename | sha512 hash
+-------- | -----------
+[kubernetes.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes.tar.gz) | `37583337b992d9a5ebe5a4677e08c13617b8b9db9ee8f049773b624351c00acacf02daca2f87a357aaa75edcc3a4db2c64e6a7da502a6153d06e228ff6be6006`
+[kubernetes-src.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-src.tar.gz) | `a44fee5be20c7fb64c58d0a69377074db05ec6889892c93ce970406cb393a1fde60a75612e74802cb2e0085b6357183c1f30e4b322dacf6f30597ab5fd5948f9`
+
+### Client Binaries
+
+filename | sha512 hash
+-------- | -----------
+[kubernetes-client-darwin-386.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-client-darwin-386.tar.gz) | `4aa92894eeaedb022e5409e08784ce1bd34ba268032ef93ad4c438b6ed9f1a210222f5f4a4fc68198d71e167c78bb7695459e4c99059898e1e0cf7c1ae70080c`
+[kubernetes-client-darwin-amd64.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-client-darwin-amd64.tar.gz) | `1815a3bdd1c13782026fced8720201dea2e518dc56a43e2b53f89341108f03ec0b5ea6efadd8460ab1715b65ae52f9bdd49066f716573e0d76ff3036e193b8d3`
+[kubernetes-client-linux-386.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-client-linux-386.tar.gz) | `9a470907d6203e69c996f8db3cc257af23f9b35236ee2d5a87d22cd6056eef4f07671cd5711ec4999c1edd93385c4f7e5d6d0b8096404e88414a1ed83b58de4f`
+[kubernetes-client-linux-amd64.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-client-linux-amd64.tar.gz) | `011d44cf35c841d331a5a0d88b8a5deb7781fa678702ac6402050d096e72396dc76ccaa67a371273bc428612536357c19306d250bd47db4ac5147ff8cc5e1296`
+[kubernetes-client-linux-arm.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-client-linux-arm.tar.gz) | `1f45d9a9852d2b0a0420b0a26b3add9031d7d691c55660d60580614e6ab6e2d732017832ed3f737f8a43db088e91b64edf12298675be6d128775dce3e4d0ddbe`
+[kubernetes-client-linux-arm64.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-client-linux-arm64.tar.gz) | `e355f69caed044e5e27efe7ae42027e799a87ec647810fbadf644d147de2f6bd478e338ebb211044a9e6483d32f3534cc40d7b4d735d16d3b6c55e7975515f20`
+[kubernetes-client-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-client-linux-ppc64le.tar.gz) | `355e0d8c5f241bc2303c38447c241ff8f5151af51aeacf15fa2b96e2721ecc011b5aec84c3f93a26aad86aa29179d16054e34d45bff2824c1abbf1deb571f0f5`
+[kubernetes-client-linux-s390x.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-client-linux-s390x.tar.gz) | `7cdfc6cde7922290b46f291a168519f4c923fee97968399940164a8a7d8592701b262b30fa299c13f025c70f46f5d32c17a9699f0bf3e5bd55ab4811f01f59ed`
+[kubernetes-client-windows-386.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-client-windows-386.tar.gz) | `7170da100b2d1d8700990c4175c7d048347b8dcc71e0ceb6c01728f5e6266dd0d5766e5206820d9e54d243ffa73abd5dd72715d6984598655f6160d43cb45a15`
+[kubernetes-client-windows-amd64.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-client-windows-amd64.tar.gz) | `74484b5c841e1c57c9baf88b84a9cbf3b9865527a8723815cbe8e7384805c80d971126c0b54d52e446d55b04e209984461ec8a8eff4c58aaa50397db0111cca5`
+
+### Server Binaries
+
+filename | sha512 hash
+-------- | -----------
+[kubernetes-server-linux-amd64.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-server-linux-amd64.tar.gz) | `3fb3c5da6e45b32e8d89d4914f0b04cf95242cb0e4ea70b06a665c2975d8b6bbff6206e1f8769f49836b9dc12fb0946cc1986e475945413aff053661941f622b`
+[kubernetes-server-linux-arm.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-server-linux-arm.tar.gz) | `ff71c9a3f81f2e43d541b9b043e5f43fd30972c2b0ae5d9f3992f76effdcab2d027835844109ee3b501e365994f97aa5b6528a9d23db8ec3f05af6cb6d0e01d0`
+[kubernetes-server-linux-arm64.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-server-linux-arm64.tar.gz) | `26b9fce5ed930ad3eea5eeab3bec3b009f65837139f7da3644aacdcccda654fe542b03e1c4280950ca561f624ef24da01acff23e3f3b72d1001d794c8d6aa230`
+[kubernetes-server-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-server-linux-ppc64le.tar.gz) | `ad980f5efe83da1f2a202035eb1cff44ea72692fc3fc5f7d23fd8fc3b80a6797dbb263cc240d8fd2cde80a786b48352127f52c0a1db02e9d09a44440c1704406`
+[kubernetes-server-linux-s390x.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-server-linux-s390x.tar.gz) | `8e1ab7abd4c13c3d4211e5dd1be63ecd482691fd2cb7b2d3492bb2a02003ec33abe0a7b26e4e93f9586c5fc6fddbfbb559c4c28dcdc65564aeadceb2bc543a7d`
+
+### Node Binaries
+
+filename | sha512 hash
+-------- | -----------
+[kubernetes-node-linux-amd64.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-node-linux-amd64.tar.gz) | `c0928e414e439ba63321ce770a04ea332a4cc93ec87dd9d222fe3f5a593995111a6c0a60a413018d59367df6b4d0ab6f64904551f29f5c94ea406c68cc43b3b3`
+[kubernetes-node-linux-arm.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-node-linux-arm.tar.gz) | `990a253ba49203348a587ca4d4acf7c25ff47a97b39519dfc7d5bdc2f3ea4713930e17dc6b9ff02a2a6ae2e84011d05d4471dfbfe1ab0627c102f9aa2205114d`
+[kubernetes-node-linux-arm64.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-node-linux-arm64.tar.gz) | `79381ad17eefc679fb549126eba23ffa65e625d0e1fec459dd54823897947b17a0e7ef6f446dc9e54f16b3e4995e4a084146dcf895e994813233953a3795e3a3`
+[kubernetes-node-linux-ppc64le.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-node-linux-ppc64le.tar.gz) | `7cfea9b9fa27dcc2024260e19d5e74db2175b491093c8906721d99c94b46af1c2b3ad91fe0fb799de639191fcb0e8ceab1b67bb260d615825002a3239c7b3ed0`
+[kubernetes-node-linux-s390x.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-node-linux-s390x.tar.gz) | `590bc2afd835a4a236a4a2ab2cde416aae9efdec14c34355a54b671d89308f3729f5af076139cc9c78e323666565ba1fa441149b681fc6addcab133205a3c41f`
+[kubernetes-node-windows-amd64.tar.gz](https://dl.k8s.io/v1.17.0-alpha.2/kubernetes-node-windows-amd64.tar.gz) | `4c15c7c30de0f9d921b534433332b14eb685ad8a3a416315def1cc1064b802227ea4b556bc53a68d75be898b49acadee8317a2355635a69d1c4d305d890e5009`
+
+## Changelog since v1.17.0-alpha.1
+
+### Action Required
+
+* Expand scheduler priority functions and scheduling framework plugins' node score range to [0, 100]. action required. Note: this change is internal and does not affect extender and RequestedToCapacityRatio custom priority, which are still expected to provide a [0, 10] range. ([#83522](https://github.com/kubernetes/kubernetes/pull/83522), [@draveness](https://github.com/draveness))
+* action required: kubeadm: when adding extra apiserver authorization-modes, the defaults "Node,RBAC" are no longer prepended in the resulting static Pod manifests and a full override is allowed. ([#82616](https://github.com/kubernetes/kubernetes/pull/82616), [@ghouscht](https://github.com/ghouscht))
+* ACTION REQUIRED: kubeadm: properly enable kubelet client certificate rotation on primary control-plane nodes, created using "kubeadm init". A side effect of this change is that for external CA users, kubeadm now requires "bootstrap-kubelet.conf" instead of "kubelet.conf" during "kubeadm init" and its phases. ([#83339](https://github.com/kubernetes/kubernetes/pull/83339), [@neolit123](https://github.com/neolit123))
+* Action Required: `kubeadm.k8s.io/v1beta1` has been deprecated, you should update your config to use newer non-deprecated API versions. ([#83276](https://github.com/kubernetes/kubernetes/pull/83276), [@Klaven](https://github.com/Klaven))
+
+### Other notable changes
+
+* [migration phase 1] PodFitsHostPorts as filter plugin ([#83659](https://github.com/kubernetes/kubernetes/pull/83659), [@wgliang](https://github.com/wgliang))
+* [migration phase 1] PodFitsResources as framework plugin ([#83650](https://github.com/kubernetes/kubernetes/pull/83650), [@wgliang](https://github.com/wgliang))
+* Fixed attachment of AWS volumes that have just been detached. ([#83567](https://github.com/kubernetes/kubernetes/pull/83567), [@jsafrane](https://github.com/jsafrane))
+* [migration phase 1] PodMatchNodeSelector/NodAffinity as filter plugin ([#83660](https://github.com/kubernetes/kubernetes/pull/83660), [@wgliang](https://github.com/wgliang))
+* Upgrade to etcd client 3.3.17 to fix bug where etcd client does not parse IPv6 addresses correctly when members are joining, and to fix bug where failover on multi-member etcd cluster fails certificate check on DNS mismatch ([#83801](https://github.com/kubernetes/kubernetes/pull/83801), [@jpbetz](https://github.com/jpbetz))
+* Fixed panic when accessing CustomResources of a CRD with x-kubernetes-int-or-string. ([#83787](https://github.com/kubernetes/kubernetes/pull/83787), [@sttts](https://github.com/sttts))
+* Change `pod_preemption_victims` metric from Gauge to Histogram. ([#83603](https://github.com/kubernetes/kubernetes/pull/83603), [@Tabrizian](https://github.com/Tabrizian))
+* Expose SharedInformerFactory in the framework handle ([#83663](https://github.com/kubernetes/kubernetes/pull/83663), [@draveness](https://github.com/draveness))
+* Add more tracing steps in generic_scheduler ([#83539](https://github.com/kubernetes/kubernetes/pull/83539), [@wgliang](https://github.com/wgliang))
+* [migration phase 1] PodFitsHost as filter plugin ([#83662](https://github.com/kubernetes/kubernetes/pull/83662), [@wgliang](https://github.com/wgliang))
+* The topology manager aligns resources for pods of all QoS classes with respect to NUMA locality, not just Guaranteed QoS pods. ([#83492](https://github.com/kubernetes/kubernetes/pull/83492), [@ConnorDoyle](https://github.com/ConnorDoyle))
+* Fix unsafe JSON construction in a number of locations in the codebase ([#81158](https://github.com/kubernetes/kubernetes/pull/81158), [@zouyee](https://github.com/zouyee))
+* Fixed a bug in the single-numa-node policy of the TopologyManager.  Previously, pods that only requested CPU resources and did not request any third-party devices would fail to launch with a TopologyAffinity error. Now they will launch successfully. ([#83697](https://github.com/kubernetes/kubernetes/pull/83697), [@klueska](https://github.com/klueska))
+* Add per-pod scheduling metrics across 1 or more schedule attempts. ([#83674](https://github.com/kubernetes/kubernetes/pull/83674), [@liu-cong](https://github.com/liu-cong))
+* Fix validation message to mention bytes, not characters. ([#80880](https://github.com/kubernetes/kubernetes/pull/80880), [@DirectXMan12](https://github.com/DirectXMan12))
+* external facing APIs in pluginregistration and deviceplugin packages are now available under k8s.io/kubelet/pkg/apis/ ([#83551](https://github.com/kubernetes/kubernetes/pull/83551), [@dims](https://github.com/dims))
+* Fix error where metrics related to dynamic kubelet config isn't registered ([#83184](https://github.com/kubernetes/kubernetes/pull/83184), [@odinuge](https://github.com/odinuge))
+* The VolumeSubpathEnvExpansion feature is graduating to GA. The `VolumeSubpathEnvExpansion` feature gate is unconditionally enabled, and will be removed in v1.19. ([#82578](https://github.com/kubernetes/kubernetes/pull/82578), [@kevtaylor](https://github.com/kevtaylor))
+* Openstack: Do not delete managed LB in case of security group reconciliation errors ([#82264](https://github.com/kubernetes/kubernetes/pull/82264), [@multi-io](https://github.com/multi-io))
+* The mutating and validating admission webhook plugins now read configuration from the admissionregistration.k8s.io/v1 API. ([#80883](https://github.com/kubernetes/kubernetes/pull/80883), [@liggitt](https://github.com/liggitt))
+* kubeadm: implemented structured output of 'kubeadm token list' in JSON, YAML, Go template and JsonPath formats ([#78764](https://github.com/kubernetes/kubernetes/pull/78764), [@bart0sh](https://github.com/bart0sh))
+* kube-proxy: a configuration file specified via `--config` is now loaded with strict deserialization, which fails if the config file contains duplicate or unknown fields. This protects against accidentally running with config files that are malformed, mis-indented, or have typos in field names, and getting unexpected behavior. ([#82927](https://github.com/kubernetes/kubernetes/pull/82927), [@obitech](https://github.com/obitech))
+* Add "podInitialBackoffDurationSeconds" and "podMaxBackoffDurationSeconds" to the scheduler config API ([#81263](https://github.com/kubernetes/kubernetes/pull/81263), [@draveness](https://github.com/draveness))
+* Authentication token cache size is increased (from 4k to 32k) to support clusters with many nodes or many namespaces with active service accounts. ([#83643](https://github.com/kubernetes/kubernetes/pull/83643), [@lavalamp](https://github.com/lavalamp))
+* Bumps the minimum version of Go required for building Kubernetes to 1.12.4. ([#83596](https://github.com/kubernetes/kubernetes/pull/83596), [@jktomer](https://github.com/jktomer))
+* kube-proxy iptables probabilities are now more granular and will result in better distribution beyond 319 endpoints. ([#83599](https://github.com/kubernetes/kubernetes/pull/83599), [@robscott](https://github.com/robscott))
+* Fixed the bug that deleted services were processed by EndpointSliceController repeatedly even their cleanup were successful. ([#82996](https://github.com/kubernetes/kubernetes/pull/82996), [@tnqn](https://github.com/tnqn))
+* If a bad flag is supplied to a kubectl command, only a tip to run --help is printed, instead of the usage menu.  Usage menu is printed upon running `kubectl command --help`.  ([#82423](https://github.com/kubernetes/kubernetes/pull/82423), [@sallyom](https://github.com/sallyom))
+* If container fails because ContainerCannotRun, do not utilize the FallbackToLogsOnError TerminationMessagePolicy, as it masks more useful logs. ([#81280](https://github.com/kubernetes/kubernetes/pull/81280), [@yqwang-ms](https://github.com/yqwang-ms))
+* Fixed cleanup of raw block devices after kubelet restart. ([#83451](https://github.com/kubernetes/kubernetes/pull/83451), [@jsafrane](https://github.com/jsafrane))
+* Commands like `kubectl apply` now return errors if schema-invalid annotations are specified, rather than silently dropping the entire annotations section. ([#83552](https://github.com/kubernetes/kubernetes/pull/83552), [@liggitt](https://github.com/liggitt))
+* Expose kubernetes client in the scheduling framework handle. ([#82432](https://github.com/kubernetes/kubernetes/pull/82432), [@draveness](https://github.com/draveness))
+* kubeadm: fix wrong default value for the "upgrade node --certificate-renewal" flag. ([#83528](https://github.com/kubernetes/kubernetes/pull/83528), [@neolit123](https://github.com/neolit123))
+* IP validates if a string is a valid IP address ([#83104](https://github.com/kubernetes/kubernetes/pull/83104), [@zouyee](https://github.com/zouyee))
+* The `--certificate-authority` flag now correctly overrides existing skip TLS or CA data settings in the kubeconfig file ([#83547](https://github.com/kubernetes/kubernetes/pull/83547), [@liggitt](https://github.com/liggitt))
+* hyperkube will now be available in a new github repository and will not be included in the kubernetes release from 1.17 onwards ([#83454](https://github.com/kubernetes/kubernetes/pull/83454), [@dims](https://github.com/dims))
+* more complete and accurate logging of stack backtraces in E2E failures ([#82176](https://github.com/kubernetes/kubernetes/pull/82176), [@pohly](https://github.com/pohly))
+* Kubeadm: add support for 127.0.0.1 as advertise address. kubeadm will automatically replace this value with matching global unicast IP address on the loopback interface.  ([#83475](https://github.com/kubernetes/kubernetes/pull/83475), [@fabriziopandini](https://github.com/fabriziopandini))
+* Rename PluginContext to CycleState in the scheduling framework ([#83430](https://github.com/kubernetes/kubernetes/pull/83430), [@draveness](https://github.com/draveness))
+* kube-scheduler: a configuration file specified via `--config` is now loaded with strict deserialization, which fails if the config file contains duplicate or unknown fields. This protects against accidentally running with config files that are malformed, mis-indented, or have typos in field names, and getting unexpected behavior. ([#83030](https://github.com/kubernetes/kubernetes/pull/83030), [@obitech](https://github.com/obitech))
+* Significant kube-proxy performance improvements for non UDP ports. ([#83208](https://github.com/kubernetes/kubernetes/pull/83208), [@robscott](https://github.com/robscott))
+* Fixes a flaw (CVE-2019-11253) in json/yaml decoding where large or malformed documents could consume excessive server resources. Request bodies for normal API requests (create/delete/update/patch operations of regular resources) are now limited to 3MB. ([#83261](https://github.com/kubernetes/kubernetes/pull/83261), [@liggitt](https://github.com/liggitt))
+
+
+
 # v1.17.0-alpha.1
 
 [Documentation](https://docs.k8s.io)