- [Container Images](#container-images-14)
  - [Changelog since v1.30.0](#changelog-since-v1300)
  - [Urgent Upgrade Notes](#urgent-upgrade-notes)
    - [(No, really, you MUST read this before you upgrade)](#no-really-you-must-read-this-before-you-upgrade)
  - [Changes by Kind](#changes-by-kind-14)
    - [Deprecation](#deprecation-1)
    - [API Change](#api-change-2)
    - [Feature](#feature-10)

* Retry 'connection refused' errors when setting up clusters on GCE. ([#57394](https://github.com/kubernetes/kubernetes/pull/57394), [@mborsz](https://github.com/mborsz))

* YAMLDecoder Read now returns the number of bytes read ([#57000](https://github.com/kubernetes/kubernetes/pull/57000), [@sel](https://github.com/sel))

          call: Call,
          response: Response,
        ) {
          val bytes = response.body.byteStream()
          assertThat(bytes.read()).isEqualTo('a'.code)
          assertThat(bytes.read()).isEqualTo('b'.code)
          assertThat(bytes.read()).isEqualTo('c'.code)

          // This request will share a connection with 'A' cause it's all done.

*   Taint key `unreachable` is now in GA.
*   Taint key `notReady` is changed to `not-ready`, and is also now in GA.
*   These changes are automatically updated for taints. Tolerations for these taints must be updated manually. Specifically, you must:
    *   Change `node.alpha.kubernetes.io/notReady` to `node.kubernetes.io/not-ready`
    *   Change `node.alpha.kubernetes.io/unreachable` to  `node.kubernetes.io/unreachable`

    * To avoid that negative effect only use per pod metrics from pods that are:
    * - ready (so metrics about them should be valid), or
    * - unready but creation and last readiness change timestamps are apart more than 10s (pods that have formerly been ready and so metrics are in at least some cases (pod becoming unready because of overload) very useful).

    - [Container Images](#container-images-15)
  - [Changelog since v1.25.0](#changelog-since-v1250)
  - [Urgent Upgrade Notes](#urgent-upgrade-notes)
    - [(No, really, you MUST read this before you upgrade)](#no-really-you-must-read-this-before-you-upgrade)
  - [Changes by Kind](#changes-by-kind-15)
    - [Deprecation](#deprecation)
    - [API Change](#api-change-8)
    - [Feature](#feature-15)

    byte[] buf1 = createBuffer();
    byte[] buf2 = createBuffer();
    while (true) {
      int read1 = read(in1, buf1, 0, BUFFER_SIZE);
      int read2 = read(in2, buf2, 0, BUFFER_SIZE);
      if (read1 != read2 || !arraysEqual(buf1, buf2, read1)) {
        return false;
      } else if (read1 != BUFFER_SIZE) {
        return true;
      }
    }
  }

		if er.readN == 0 && Equal(etag, er.checksum) {
			return er
		}
	}
	if len(forceMD5) != 0 {
		return &Reader{
			src:      r,
			md5:      NewUUIDHash(forceMD5),
			checksum: etag,
		}
	}
	return &Reader{
		src:      r,
		md5:      md5.New(),
		checksum: etag,
	}
}

// Read reads up to len(p) bytes from the underlying
// io.Reader as specified by the io.Reader interface.

any { var c *Counter entropy.Depleted(func(seed *[48]byte) { c = NewCounter(seed) }) return c }, } // Read fills b with cryptographically secure random bytes. In FIPS mode, it // uses an SP 800-90A Rev. 1 Deterministic Random Bit Generator (DRBG). // Otherwise, it uses the operating system's random number generator. func Read(b []byte) { if !fips140.Enabled { sysrand.Read(b) return } // At every read, 128 random bits from the operating system are mixed as // additional input, to make the output as strong...

* Kubernetes will try to read the openstack auth config from the client config and fall back to read from the environment variables if the auth config is not available. ([#60200](https://github.com/kubernetes/kubernetes/pull/60200), [@dixudx](https://github.com/dixudx))

### SIG Scheduling