from when they are off due to floating-point round-off errors from
            different computation approaches and orders.
        *   To verify that the optimizations are on, look for a message with
            "*oneDNN custom operations are on*" in the log. If the exact phrase
            is not there, it means they are off.

## Bug Fixes and Other Changes

  - [Changelog since v1.23.0](#changelog-since-v1230)
  - [Major Themes](#major-themes)
    - [Dockershim Removed from kubelet](#dockershim-removed-from-kubelet)
    - [Beta APIs Off by Default](#beta-apis-off-by-default)
    - [Signing Release Artifacts](#signing-release-artifacts)
    - [OpenAPI v3](#openapi-v3)

- The kube-proxy sync_proxy_rules_iptables_total metric now gives
  the correct number of rules, rather than being off by one.
  
  Fixed multiple iptables proxy regressions introduced in 1.22:
  
    - When using Services with SessionAffinity, client affinity for an
      endpoint now gets broken when that endpoint becomes non-ready

### Promoted CSI Ephemeral Volume to Stable

- The --leader-elect* CLI args are now honored correctly in scheduler. (#106130, @Huang-Wei) [SIG Scheduling]
- The kube-proxy sync_proxy_rules_iptables_total metric now gives
  the correct number of rules, rather than being off by one.
  
  Fixed multiple iptables proxy regressions introduced in 1.22:
  
    - When using Services with SessionAffinity, client affinity for an
      endpoint now gets broken when that endpoint becomes non-ready

        # To allow special characters in headers
        ignore_invalid_headers off;
        # Allow any size file to be uploaded.
        # Set to a value such as 1000m; to restrict file size to a specific value
        client_max_body_size 0;
        # To disable buffering
        proxy_buffering off;
        proxy_request_buffering off;

        location / {
            proxy_set_header Host $http_host;

        # To allow special characters in headers
        ignore_invalid_headers off;
        # Allow any size file to be uploaded.
        # Set to a value such as 1000m; to restrict file size to a specific value
        client_max_body_size 0;
        # To disable buffering
        proxy_buffering off;
        proxy_request_buffering off;

        location / {
            proxy_set_header Host $http_host;

root_access                     (boolean)   turn 'off' root credential access for all API calls including s3, admin operations (default: 'on')
sync_events                     (boolean)   set to enable synchronous bucket notifications (default: 'off')
```

or environment variables

```

MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY          (on|off)    trust server TLS without verification, defaults to "off" (verify)
MINIO_IDENTITY_LDAP_SERVER_INSECURE          (on|off)    allow plain text connection to AD/LDAP server, defaults to "off"
MINIO_IDENTITY_LDAP_SERVER_STARTTLS          (on|off)    use StartTLS connection to AD/LDAP server, defaults to "off"

### Fixing DCO failures/Signing Off Commits After Submitting a Pull Request

You must agree to the terms of [Developer Certificate of Origin](https://developercertificate.org/) by signing off your commits. We automatically verify that all commit messages contain a `Signed-off-by:` line with your email address. We can only accept PRs that have all commits signed off.