* kube-apiserver learned the '--anonymous-auth' flag, which defaults to true. When enabled, requests to the secure port that are not rejected by other configured authentication methods are treated as anonymous requests, and given a username of 'system:anonymous' and a group of 'system:unauthenticated'.

agent) that runs one, and only one, pod per node.
     * TLS and L7 support (Ingress API (Beta) in the Extensions API group): Kubernetes
is now easier to integrate into custom networking environments by supporting
TLS for secure communication and L7 http-based traffic routing.
     * Graceful Node Shutdown (aka drain) - The new “kubectl drain” command gracefully
evicts pods from nodes in preparation for disruptive operations like kernel

     */
    boolean isCookieSearchParameterHttpOnly();

    /**
     * Get the value for the key 'cookie.search.parameter.secure'. <br>
     * The value is, e.g.  <br>
     * comment: Whether to set Secure attribute to the search parameter cookie. Should be true in production environments using HTTPS.

	public final fun path ()Ljava/lang/String;
	public final fun persistent ()Z
	public final fun sameSite ()Ljava/lang/String;
	public final fun secure ()Z
	public fun toString ()Ljava/lang/String;
	public final fun value ()Ljava/lang/String;
}

public final class okhttp3/Cookie$Builder {
	public fun <init> ()V
	public final fun build ()Lokhttp3/Cookie;

- GCERegionalPersistentDisk feature is GA now! ([#70716](https://github.com/kubernetes/kubernetes/pull/70716), [@jingxu97](https://github.com/jingxu97))

#### kubectl:

scrysec.com
sd
sd.cn
sd.us
sdn.gov.pl
sdscloud.pl
se
se.eu.org
se.gov.br
se.leg.br
se.net
search
seat
sebastopol.ua
sec.ps
secaas.hk
secret.jp
secure
security
securitytactics.com
seek
seg.br
seidat.net
seihi.nagasaki.jp
seika.kyoto.jp
seiro.niigata.jp
seirou.niigata.jp
seiyo.ehime.jp
sejny.pl
sekd1.beebyteapp.io

        headers =
          headersOf(
            "Set-Cookie",
            "a=b; Expires=Thu, 01 Jan 1970 00:00:00 GMT",
            "Set-Cookie",
            "c=d; Expires=Fri, 02 Jan 1970 23:59:59 GMT; path=/bar; secure",
          ),
      ),
    )
    val cookieJar = RecordingCookieJar()
    client =
      client
        .newBuilder()
        .cookieJar(cookieJar)
        .build()

* kubeadm: kubelets in kubeadm clusters now disable the readonly port (10255). If you're relying on unauthenticated access to the readonly port, please switch to using the secure port (10250). Instead, you can now use ServiceAccount tokens when talking to the secure port, which will make it easier to get access to, for example, the `/metrics` endpoint of the kubelet, securely. ([#64187](https://github.com/kubernetes/kubernetes/pull/64187), [@luxas](https://github.com/luxas))...

search

// seat : SEAT, S.A. (Sociedad Unipersonal)
// https://www.iana.org/domains/root/db/seat.html
seat

// secure : Amazon Registry Services, Inc.
// https://www.iana.org/domains/root/db/secure.html
secure

// security : XYZ.COM LLC
// https://www.iana.org/domains/root/db/security.html
security

// seek : Seek Limited