DoubletonIteratorTester() {
      super(5, MODIFIABLE, newArrayList(1, 2), IteratorTester.KnownOrder.KNOWN_ORDER);
    }
  }

  private static Iterator<Integer> iterateOver(int... values) {
    // Note: Ints.asList's iterator does not support remove which we need for testing.
    return new ArrayList<>(Ints.asList(values)).iterator();
  }

  public void testElementsEqual() {
    Iterable<?> a;
    Iterable<?> b;

     * <li>* (asterisk) → \2a</li>
     * <li>( (left parenthesis) → \28</li>
     * <li>) (right parenthesis) → \29</li>
     * <li>\0 (null character) → \00</li>
     * </ul>
     *
     * <p><strong>Security Note:</strong> This method MUST be called on all user-supplied
     * input before using it in LDAP search filters to prevent LDAP injection vulnerabilities.
     *

  In addition, when this feature is enabled, the 'details' field of 'Status' from the LIST response
  includes information that identifies the corrupt object(s).
  NOTE: unsafe deletion ignores finalizer constraints, and skips precondition checks.
  WARNING: this may break the workload associated with the resource being unsafe-deleted, if it relies on

* kubeadm: fixes error when upgrading from v1.13 to v1.14 clusters created with kubeadm v1.12. Please note that it is required to upgrade etcd during the final v1.13 to v1.14 upgrade. ([#75956](https://github.com/kubernetes/kubernetes/pull/75956), [@fabriziopandini](https://github.com/fabriziopandini))

specified in the service account's secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers.

**Note**: This only impacts the cluster if the ServiceAccount admission plugin is used (most cluster should have this on by default as recommended in https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#serviceaccount), the `kub...

- SCTP support in API objects (Pod, Service, NetworkPolicy) is now GA.
  Note that this has no effect on whether SCTP is enabled on nodes at the kernel level,

enabled admission plugins are now `NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota,StorageObjectInUseProtection`. Please note that if you previously had not set the `--admission-control` flag, your cluster behavior may change (to be more standard). ([#74610](https://github.com/kubernetes/kubernetes/pull/74610), [@oomichi](https://github.com/oomichi))


...

1. Export existing PodSecurityPolicy objects:
  * `kubectl get podsecuritypolicies -o yaml > psp.yaml`
2. Review and delete any PodSecurityPolicy objects you do not want all pod-creating users to be able to use (NOTE: Privileged users that were making use of those policies will also lose access to those policies). For example:
  * `kubectl delete podsecuritypolicies/my-privileged-policy`

- Improved scheduling performance when many nodes, and prefilter returned 1-2 nodes (e.g. daemonset)
  

## Changes by Kind

### API Change

- Improved scheduling performance when many nodes, and prefilter returns 1-2 nodes (e.g. daemonset)