* genericapiserver: extract CA cert from server cert and SNI cert chains ([#39022](https://github.com/kubernetes/kubernetes/pull/39022), [@sttts](https://github.com/sttts))
* genericapiserver: turn APIContainer.SecretRoutes into a real ServeMux ([#38826](https://github.com/kubernetes/kubernetes/pull/38826), [@sttts](https://github.com/sttts))

322D          ; disallowed_STD3_mapped ; 0028 6728 0029 #1.1  PARENTHESIZED IDEOGRAPH WOOD
322E          ; disallowed_STD3_mapped ; 0028 91D1 0029 #1.1  PARENTHESIZED IDEOGRAPH METAL
322F          ; disallowed_STD3_mapped ; 0028 571F 0029 #1.1  PARENTHESIZED IDEOGRAPH EARTH
3230          ; disallowed_STD3_mapped ; 0028 65E5 0029 #1.1  PARENTHESIZED IDEOGRAPH SUN

* Fix a string comparison bug in IPVS graceful termination where UDP real servers are not deleted. ([#78999](https://github.com/kubernetes/kubernetes/pull/78999), [@andrewsykim](https://github.com/andrewsykim))

### Network

- Fix a string comparison bug in IPVS graceful termination where UDP real servers are not deleted. ([#78999](https://github.com/kubernetes/kubernetes/pull/78999), [@andrewsykim](https://github.com/andrewsykim))

   * **NOTE:** This command is currently staged under `kubeadm alpha phase` and will be graduated to top level in a future release.

#### kops

* [alpha] Added support for targeting bare metal (or non-cloudprovider) machines. ([#360](https://github.com/kubernetes/enhancements/issues/360), [@justinsb](https://github.com/justinsb)).

    * sync time.
 
    * The goal is for administrators to be able to alert on proxies that, for
    * whatever reason, are quite stale.
* Fix a string comparison bug in IPVS graceful termination where UDP real servers are not deleted. ([#78999](https://github.com/kubernetes/kubernetes/pull/78999), [@andrewsykim](https://github.com/andrewsykim))

even more robust has been a major focus for this cycle for SIG Cluster Lifecycle (see the May 6, 2019 [Community Update](https://docs.google.com/presentation/d/1QUOsQxfEfHlMq4lPjlK2ewQHsr9peEKymDw5_XwZm8Q/edit?usp=sharing)). Bug fixes across bare metal tooling and production-ready user stories, such as the high availability use cases have been given priority for 1.15.

kubeadm, the cluster lifecycle building block, continues to receive features and stability work required for bootstrapping...

* CRI now defines mounting behavior. If the host path doesn't exist, the runtime should return an error. If the host path is a symlink, the runtime should follow the symlink and mount the real destination to the container. ([#61460](https://github.com/kubernetes/kubernetes/pull/61460), [@feiskyer](https://github.com/feiskyer))

### SIG OpenStack

    <magic priority="50">
       <match value="Windows Media Audio" type="unicodeLE" offset="0:8192" />
    </magic>
  </mime-type>

  <mime-type type="audio/x-pn-realaudio">
    <_comment>Real Audio</_comment>
    <alias type="audio/x-realaudio" />
    <magic priority="50">
      <match value="0x2e7261fd" type="big32" offset="0"/>
    </magic>
    <glob pattern="*.ram"/>
    <glob pattern="*.ra"/>

* Fix a string comparison bug in IPVS graceful termination where UDP real servers are not deleted. ([#78999](https://github.com/kubernetes/kubernetes/pull/78999), [@andrewsykim](https://github.com/andrewsykim))